Hi Jay,
Thank you for the follow up. Passwords in plain text are a big problem for enterprise software deployments and will fail a security audit with little room for dispensation.
The ability to encrypt any passwords in the yml file with your own key would be ideal. However, the key needs to reside in a keystore and you need a password for it... so the issue moves elsewhere.
I will keep track of this item you mentioned.
-Steve.