> Who are you hiding them from? Anyone with access to the Asterisk server > can already do far more damage than extracting these passwords. You may (like we do) want to store config files in a version control system in a common repository. People who have access to that repository don't necessary have access to the Asterisk server.