The LDAP bind password for the ldap authentication module is stored clear text in the database. This is a big red flag for a client I am working with. Wondering if anyone has a customization for encrypting the bind password so that it is not stored plain text. Maybe the existing salt in config.php could be used to salt it. It couldn't be one-way hashed like the current user passwords, since Totara needs to be able to get at the plaintext version of the password in order to perform bind.

Thoughts? Me toos?