Shall I hash users of my portal when password is generated by server and user cannot change it? Logically:
User can't use this passwords anywhere else as it is server-generated.
Even when somebody access database illegally, they can change password and see it, but it is useless for them as it is not used anywhere else.
Am I right? Or hashing still should be implemented...?