diff --git a/config.ini.sample b/config.ini.sample
index 538eade..65ed8ea 100644
--- a/config.ini.sample
+++ b/config.ini.sample
@@ -1,128 +1,128 @@
 ;
 ; Configuration file for OpenXCAP
 ;
 ; The values in the commented lines represent the defaults built in the
 ; server software
 ;
 
 [Server]
 
 ; IP address to listen for requests
 ; 0.0.0.0 means any address of this host
 
 ; address = 0.0.0.0
 
 ; port to use. If you use https for the root it should probably be 443
 ; port = 80
 
 
 ; This is a comma separated list of XCAP root URIs. The first is the
 ; primary XCAP root URI, while the others (if specified) are aliases.
 ; The primary root URI is used when generating xcap-diff
 ; If the scheme is https, then the server will listen for requests in TLS mode
 ; if a valid key and certificate are provided. The server supports operating
 ; behind a reverse proxy if the correct forward headers are set.
 
 root = http://xcap.example.com/xcap-root
 
 ; The backend to be used for storage and authentication. Current supported
 ; values are Database and OpenSIPS. OpenSIPS backend inherits all the settings
 ; from the Database backend but performs extra actions related to the
 ; integration with OpenSIPS for which it read the settings from [OpenSIPS]
 ; section
 
 backend = OpenSIPS
 
 ; Validate XCAP documents against XML schemas
 
 ; document_validation = Yes
 
 ; Allow URIs in pres-rules and resource-lists to point to lists not served
 ; by this server
 
 allow_external_references = No
 
 ; List os applications that won't be enabled on the server
 ;disabled_applications = test-app, org.openxcap.dialog-rules
 
 [Logging]
 
 ; Start, stop and major server error messages are always logged to syslog.
 
 ; This section can be used to log more details about XCAP clients accessing
 ; the server. The values in the commented lines represent the defaults built 
 ; in the server software
 
 ; Directory where to write access.log file that will contain requests and/or
 ; responses to OpenXCAP server in Apache style. If set to an empty string,
 ; access logs will be printed to stdout if the server runs in no-fork mode
 ; or to syslog if the server runs in the background
 
 ; directory=/var/log/openxcap 
 
 ; The following parameters control the logging of requests/responses based
 ; on the response code. The values must be a comma-separated list of HTTP
 ; response codes or one of the keywords 'all' or 'none' to match all or
 ; no response codes respectively. Default is none.
 
 ; log_request=none
 ; log_response=none
 
 
 [Authentication]
 
 ; The HTTP authentication type, this can be either 'basic' or 'digest'. The
 ; standard states 'digest' as the mandatory, however it can be changed to
 ; basic
 
 ; type = digest
 
 ; Specify if the passwords are stored as plain text - Yes
 ; or in a hashed format MD5('username:domain:password') - No
-; cleartext_passwords = Yes
+; cleartext_passwords = No
 
 ; The default authentication realm, if none indicated in the HTTP request
 ; URI
 default_realm = example.com
 
 ; A comma-separated list of hosts or networks to trust.
 ; The elements can be an IP address in CIDR format, a
 ; hostname or an IP address (in the latter 2 a mask of 32
 ; is assumed), or the special keywords 'any' and 'none'
 ; (being equivalent to 0.0.0.0/0 and 0.0.0.0/32
 ; respectively).
 ; trusted_peers =
 
 
 [TLS]
 
 ; Location of X509 certificate and private key that identify this server.
 ; The path is relative to /etc/openxcap, or it can be given as an absolute
 ; path.
 
 ; Server X509 certificate
 ; certificate =
 
 ; Server X509 private key
 ; private_key =
 
 
 [Database]
 
 ; The database connection URI for the datase with subscriber accounts
 authentication_db_uri = mysql://opensips:opensipsrw@localhost/opensips
 
 ; The database connection URI for the database that stores the XCAP documents
 storage_db_uri = mysql://opensips:opensipsrw@localhost/opensips
 
 ; Authentication and storage tables
 ; subscriber_table = subscriber
 ; xcap_table = xcap
 
 
 [OpenSIPS]
 ; Publish xcap-diff event (using a SIP PUBLISH)
 ; publish_xcapdiff = yes
 
 ; SIP proxy where the PUBLISH will be sent
 ; outbound_sip_proxy = sip.example.com
diff --git a/xcap/configuration/__init__.py b/xcap/configuration/__init__.py
index 98a3f50..95b1071 100644
--- a/xcap/configuration/__init__.py
+++ b/xcap/configuration/__init__.py
@@ -1,80 +1,80 @@
 from application.configuration import ConfigSection, ConfigSetting
 from application.configuration.datatypes import IPAddress, NetworkRangeList
 
 from xcap.configuration.datatypes import (DatabaseURI, Path, ResponseCodeList,
                                           XCAPRootURI)
 from xcap.tls import Certificate, PrivateKey
 
 
 class AuthenticationConfig(ConfigSection):
     __cfgfile__ = 'config.ini'
     __section__ = 'Authentication'
 
     type = 'digest'
-    cleartext_passwords = True
+    cleartext_passwords = False
     default_realm = ConfigSetting(type=str, value=None)
     trusted_peers = ConfigSetting(type=NetworkRangeList, value=NetworkRangeList('none'))
 
 
 class ServerConfig(ConfigSection):
     __cfgfile__ = 'config.ini'
     __section__ = 'Server'
 
     address = ConfigSetting(type=IPAddress, value='0.0.0.0')
     port = ConfigSetting(type=int, value=80)
     root = ConfigSetting(type=XCAPRootURI, value=None)
     backend = ConfigSetting(type=str, value=None)
     allow_external_references = False
     tcp_port = ConfigSetting(type=int, value=35060)
 
 
 class TLSConfig(ConfigSection):
     __cfgfile__ = 'config.ini'
     __section__ = 'TLS'
 
     certificate = ConfigSetting(type=Certificate, value=None)
     private_key = ConfigSetting(type=PrivateKey, value=None)
 
 
 class DatabaseConfig(ConfigSection):
     __cfgfile__ = 'config.ini'
     __section__ = 'Database'
 
     authentication_db_uri = ConfigSetting(type=DatabaseURI, value=None)
     storage_db_uri = ConfigSetting(type=DatabaseURI, value=None)
     subscriber_table = 'subscriber'
     user_col = 'username'
     domain_col = 'domain'
     password_col = 'password'
     ha1_col = 'ha1'
     xcap_table = 'xcap'
 
 
 class OpensipsConfig(ConfigSection):
     __cfgfile__ = 'config.ini'
     __section__ = 'OpenSIPS'
 
     publish_xcapdiff = False
     outbound_sip_proxy = ''
 
 
 class LoggingConfig(ConfigSection):
     __cfgfile__ = 'config.ini'
     __section__ = 'Logging'
 
     directory = ConfigSetting(type=Path, value=Path('/var/log/openxcap'))
 
     log_request = ConfigSetting(type=ResponseCodeList, value=ResponseCodeList('none'))
     log_response = ConfigSetting(type=ResponseCodeList, value=ResponseCodeList('none'))
 
 
 class ThorNodeConfig(ConfigSection):
     __cfgfile__ = "config.ini"
     __section__ = 'ThorNetwork'
 
     domain = ""
     multiply = 1000
     certificate = ConfigSetting(type=Certificate, value=None)
     private_key = ConfigSetting(type=PrivateKey, value=None)
     ca = ConfigSetting(type=Certificate, value=None)