Security hole in CommercePortal Attain 3.10

Dear all, I want to inform you, that the SQL-Password for the SQL-User ID in the CommercePortal Setup is NOT crypted. The user who is maintaining CommercePortal and NOT maintaining the SQL-Server can see the Password of the SQL-Server-account. If the SQL-Login-ID is e.g. “sa” with the “*********” (passwordtext!!! I can’t beleive it) you can see the clear password by pressing ctrl-F8 (zoom). Passwords generated by the system for the CommercePortal Users (in the contact table) are crypted correct (e.g.D601AF4BCDE5AA8E19A4DB811E59F40F) and will be encrypt by the ‘NFEncrypt 1.0 Type Library’ during runtime. So, if you are the Navision Administrator and NOT the SQL-Administrator please inform the SQL-Administratot that the password is NOT crypted and set up a special account for the SQL-Login-ID in the SQL-Database that can connect to the SQL-Server. As well, be aware of the permissions and roles you assign to other (Navision) users (ZOOM)! Regards Walter