We work with MLS provider(s) that requires us to keep plaintext password for our users and provide it on request in case of `breach in the security of MLS Listing Information or a violation of MLS Rules`.

The user is accessing only copy of their data in _our_ systems, the user has no contact with MLS itself directly or indirectly.