Is the UserPassWord variable, still valid for MPL? If not, is there any other way to retrieve the user password, without manipulating with the users.dat file?

.----- --- -- -
| Another Droid BBS
: Telnet : andr01d.zapto.org:9999 [UTC 11:00 - 20:00]
. Contact : xqtr@gmx.com

--- Mystic BBS v1.12 A41 2018/12/27 (Raspberry Pi/32)
* Origin: Another Droid BBS # andr01d.zapto.org:9999 (21:1/111)

Is the UserPassWord variable, still valid for MPL? If not, is there any other way to retrieve the user password, without manipulating with the users.dat file?

You will never be able to see a user's password, even as a SysOp.

Mystic itself doesn't even store user passwords anymore by default, they are stored using a variable rate PBKDF2 process, which is the same level of secure storage used by password managers like 1Password, LastPass, etc

I would suggest reading the WHATSNEW it discusses the e-mail functions that have changed via MPL but you will not ever get their password. There are
three password related MPL functions (the last one checks against password policy):

Function CheckPW (PW: String) : Boolean;
Procedure SetPW (PW: String);
Procedure ValidPW (PW: String) : Byte;

--- Mystic BBS v1.12 A43 2019/02/08 (Linux/64)
* Origin: Sector 7 (21:1/108)

Mystic itself doesn't even store user passwords anymore by default, they are stored using a variable rate PBKDF2 process, which is the same level of secure storage used by password managers like 1Password, LastPass, etc

So, reading and getting the pass from the users.dat file, can't be done anymore? I am asking, cause i have no idea what's pbkdf2 and how it works :)

In the settings, i use plain text passwords and not encrypted. In this case
the users.dat method can be done?

Thank you for your replies :)

.----- --- -- -
| Another Droid BBS
: Telnet : andr01d.zapto.org:9999 [UTC 11:00 - 20:00]
. Contact : xqtr@gmx.com

--- Mystic BBS v1.12 A41 2018/12/27 (Raspberry Pi/32)
* Origin: Another Droid BBS # andr01d.zapto.org:9999 (21:1/111)