Reports

😡 This is not secure:

"SmtpSettings": {
  "Host": "smtp.office365.com",
  "Port": 111,
  "Username": "[email protected]",
  "Password": "mymymy123*123*123",
  "EnableSsl": true
}

😇 This is more secure:

"SmtpSettings": {
  "Host": "smtp.office365.com",
  "Port": 111,
  "Username": "[email protected]",
  "Password": "hashedPassword(like: 7uhjk43c356xrer1)",
  "EnableSsl": true
}

You should not set critical datas like passwords, (even usernames), in your config files. It can be dockerfile or appsettings.json. You should not.

You must create encrypted values. When you read config, you convert hashed data to raw value.

✍️ See this: https://stackoverflow.com/a/10177020/19262548

79762656