Bug #2476

closed

SECURITY ISSUE - Plain Text Dynamic DNS Account Password

Added by NOYB NOYB almost 12 years ago. Updated almost 12 years ago.

Status: Rejected
Priority: Normal
Assignee: -
Category: -
Target version: -
Start date: 06/07/2012
Due date:
% Done: 0%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version: All
Affected Architecture: All

Description

Dynamic DNS account password is saved as plain text in XML config and backup files.

Actions #1

Updated by Chris Buechler almost 12 years ago

  • Status changed from New to Rejected

Actions #2

Updated by NOYB NOYB almost 12 years ago

Just because it is by design does not mean it is not a security issue. Saving account passwords in plain text is a security issue. If it is by design, then the design is flawed and that is an issue that needs to be resolved.

Actions #3

Updated by Chris Buechler almost 12 years ago

Read the link. There are no alternatives for such passwords.

Actions #4

Updated by NOYB NOYB almost 12 years ago

I did read the link. And it is still a security issue. Lack of interest in resolving it does not change the fact that it is a security issue and should be resolved.

Actions #5

Updated by Chris Buechler almost 12 years ago

We have the ability to encrypt backups, that's what you should do. It's impossible to securely encrypt such passwords in the running config.

Actions #6

Updated by NOYB NOYB almost 12 years ago

You have stated that it is not a security issue. It clearly is. Not doing anything about it does not change that.

Actions #7

Updated by Chris Buechler almost 12 years ago

You can call it anything you want, the reality is it's impossible to store such passwords in a hashed or encrypted manner that isn't trivially reversible, so encrypt your entire config.

Actions #8

Updated by NOYB NOYB almost 12 years ago

The point is that you should not be saying it is not a security issue. Rather that it is by design due to lack of a currently known (to the developers anyway) method of resolving.

Actions #9

Updated by Chris Buechler almost 12 years ago

It truly is impossible to securely resolve. You won't find anything that has a secure solution for encrypting such passwords. Please stop wasting our time.

Actions #10

Updated by NOYB NOYB almost 12 years ago

Please stop misclassifying it as not a security issue.

Sorry you feel your responses here are a waste of your time. If you feel that way just stop. Only you can decide whether or not to spend your time on something you consider to be a waste.

Actions #11

Updated by Chris Buechler almost 12 years ago

Insecurely storing your config can certainly be a security issue with every firewall and router. Literally every router and firewall in existence has the same "issue" of inability to securely store dyndns and similar passwords/keys that by their nature must be available in plain text during operation of the system. I'm done arguing a point you clearly can't grasp the impossibility of, move on to complaining to Cisco or someone else about the same, none are any different.

Actions #12

Updated by NOYB NOYB almost 12 years ago

As I’ve been pointing out and you don’t seem to be grasping, just because there is "seemingly" (by your claims anyway) not a solution, does not negate the fact that it is a security issue. That's like saying because you don't know how to lock your door that there is not a security issue.

I strongly disagree though that it is not possible to encrypt these passwords in both the live and backed up config. In fact I am certain of it. But due to your closed-mindedness and arrogance I’ll just continue keeping it to myself since you don’t seem interested to expand your knowledge and improve this pfSense product security.

Actions #13

Updated by Chris Buechler almost 12 years ago

This is the last time I'm going to say it - it's impossible to do in a way that isn't trivially reversible. There's a reason literally nobody does it. Please include code to prove me wrong on any further comments.
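The distinction argued in comments #5 and #7, as an added example that is not part of the original ticket and is not pfSense code: a password encrypted for unattended use needs its key on the same disk, while a backup can be encrypted under a passphrase that is stored nowhere on the device. The file names, XML tags, sample password and the HMAC-based cipher (a standard-library stand-in for a real AEAD) are all assumptions made for illustration.

```python
import hashlib, hmac, secrets

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode: stdlib-only stand-in for a real cipher.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + (i // 32).to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def _subkeys(key: bytes):
    # Separate encryption and MAC keys derived from one master key.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def seal(key: bytes, plaintext: bytes) -> bytes:
    enc_k, mac_k = _subkeys(key)
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(enc_k, nonce, plaintext)
    return nonce + ct + hmac.new(mac_k, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    enc_k, mac_k = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_k, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified data")
    return _xor_stream(enc_k, nonce, ct)

# Case 1: running config. The updater runs with no operator present,
# so the key must be stored next to the ciphertext (hypothetical file names).
def store_on_device(password: str) -> dict:
    key = secrets.token_bytes(32)
    return {"device.key": key, "config.xml": seal(key, password.encode())}

def read_with_disk_access(disk: dict) -> str:
    # Anyone who can read the config can read the key: encryption adds nothing.
    return unseal(disk["device.key"], disk["config.xml"]).decode()

# Case 2: backup file. The key is derived from a passphrase the operator
# supplies at export and restore time; it is never written to the backup.
def encrypt_backup(config: bytes, passphrase: str) -> bytes:
    salt = secrets.token_bytes(16)
    key = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 200_000)
    return salt + seal(key, config)

def decrypt_backup(blob: bytes, passphrase: str) -> bytes:
    key = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), blob[:16], 200_000)
    return unseal(key, blob[16:])
```

The second case works only because a person is present to type the passphrase, which is exactly what the running system lacks when it has to send the password to the Dynamic DNS provider on its own.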
