Comment 2 for bug 1671842

Thanks for reporting this.

Do you know of any other places offhand where we may expose a private credential? I agree this is an issue regardless, but I am curious from the standpoint of knowing whether there may be other config options / elements we should document as recommended to not be used (If you notice, the docs for DIB_DEV_USER_PASSWORD say "Set the default password for this user. This is a fairly insecure method of setting the password and is not advised.").