I know in winbox, when i do an export of my "Managed" tab entries the resulting .WBX file contains all my saved device passwords, un-encrypted in plaintext. That is fine for an export (as i just encrypt that .WBX file for storage).
However when i import my .WBX file into winbox (after an winbox upgrade for example), winbox then seems to then save a .CDB file (also un-encyrpted) and requires that this .CDB file exist/remain in place (if you then re-encrypt the .CDB file after importing , all your managed devices in winbox, disappear - obviously winbox accesses this .CDB file every time it launches, and requires that it be un-encrypted).
This clearly is not a good situation security wise as you now have a plain text file sitting your PC with all your mikrotik passwords.
Is there anyway this can be fixed? (either by encrypting the .CDB file or making it such that when you import a .WBX file winbox then stores the entries in some kind of encrypted cache or in the registry - so that you dont have to have a plaintext file with all your passwords lurking on your pc)
Please dont reply with " just un-check "keep Passwords in winbox" " that is not a solution to this security issue, nor a solution when you have 100s of mikrotiks and wish to employ password diversity.