I recently set up auto update via Cisco. I entered in my CCO username and password via GUI. As I entered the password, the characters were displayed as dots. A little later, I was in the IPS via CLI. I noticed in the 'show config' my CCO username and password are both in the clear. Is there a way to encrypt my password? I am assuming Cisco developers intended for me to use my CCO. Should I be using another CCO id? Maybe a generic corporate userid that only has IPS signature update capabilities.
Not at current but they are working on it.
I opened a TAC case as if you setup a blocking device it also stores your credentials and the enable password in the clear though the config file is encrypted on disk.