During a recent internal review we noticed the MERC_EMAIL_MISC_QUEUE table stores the temporary password for users when a password reset occurs. Are there any STAT users who have restrictions on sending unencrypted passwords via email or storing unencrypted passwords in a database?
We understand the MERC_EMAIL_MISC_QUEUE table is included in the PURGE AGENT EVENT TABLES job but we identified other data\tables which are part of this purge that may be relevant to retain longer than the temporary passwords.
We are curiously hopeful that other STAT users have entered this discussion and could possibly share how they managed sensitive data guidelines with the STAT temporary passwords in clear text both in the email and database.