[ic] Email login links without plain text password

Josh Lavin jlavin at endpoint.com
Thu Sep 15 17:46:07 UTC 2016

Quoting IC (ic at tvcables.co.uk):
> The email links we send out for customers to check orders and print receipts
> have their passwords in plain text which is not good, is there a way to
> provide an auto login area link without showing the plain text password.

Hi Andy,

Sounds like you have either a custom receipt or an old one. You may wish
to review the current mail receipt used by the Strap template:


It only sends the "password" in the email if the user wasn't logged in;
that is, an auto-created user will get the link to check order status,
and the password is typically their phone number. You can always remove
this (line 107, etc).

Josh Lavin
End Point Corporation

More information about the interchange-users mailing list