A 128-bit encrypted Secure Sockets Layer (SSL) connection for Plesk control panel interface is established between server and client machines. The SSL certificate used by Plesk is a "dummy" certificate that can be used to establish a secure connection, but customers are encouraged to purchase their own SSL certificate for Plesk server so that they can be sure the connection is authenticated. Plesk also requires the use of MD5 shadow passwords on the server to protect system account information.
It is important to understand that Plesk does not control every aspect of your server. Plesk itself is secure within the context of its usage; however, a standard operating system installation is inherently insecure and requires manual user intervention to ensure security of a server. Administrators must take security precautions within their operating systems. Specifically, you should consult documentation on the appropriate Linux or UNIX OS running on your server, especially those documents relating to remote access and firewall security.