With this approach, neither the settings.xml nor the security-settings.xml have a clear-text password. Both of the strings inside them are encrypted, and the actual passwords are known only to the user.
Ah, ok. So you are prompted for the master password when you try to get a dependency from your repo?
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.