I’m thinking of writing a package which would require the user to input username and password which will be used towards an external service on the web. The package would integrate towards this service. Is there any reasonable secure way I could achieve this? A simple configuration variable does not seem good enough since the config file is generally readable by anyone on the system where Atom is installed.
The service supports sessions, but they have a limited timespan and not a permanent solution.
The service does not support tokens (which would be ideal - just as github and travis-ci-status does).