If I have micro-services communicating over RPC through RabbitMQ, is it safe to send secure info (Passwords etc) in plain text in this way?
I assume so because any 'hacker' would need to gain access to my server in order to read the messages, in which case I'd be in trouble anyway, but I'd just like clarification from the security experts out there. Thanks!
you have also to consider client side applications.
I think that it is never save to send secure info in plain text, unless you have a secure network client side and server side.
You could use https://www.rabbitmq.com/ssl.html or use some crypto library as https://nacl.cr.yp.to/stream.html