encryption question

[loosenut]

Hi,

Pardon my ignorance on this, I'm a new user.

I'm running SugarCE on Version 6.0.1 (Build 4143) on a shared hosting service (iPage.com), and I'm a little concerned about security. If another user on the system got access to my files, would it be possible for them to read my databases? If somebody got root access, would they be able to (i assume that it would be much easier with root access)?

How much of my Sugar data is encrypted? Is my login and password encrypted, or stored as plaintext on the system somewhere?

Mostly I'm concerned that someone could figure out my login/password, but if the data isn't encyrpted, they wouldn't even need that, would they?

PS - I'm not talking about SSL. I've got it set up so I can only access Sugar through SSL. I'm more concerned about backend security.

Thanks!

[Angel]

The only encrypted piece of data held within the database is your password. A few other minor things, like user preferences, are base64 encoded.

Your contact data, etc, are all plain text. Thus, it is possible for someone to read your data should they get access to your database.