and this all comes down to protecting secrets. I like @jkabot’s custom record idea since it can leverage built in permission security. If PCI wouldn't like it to be plaintext viewable even by admins, encrypting the passwords with a key held elsewhere, perhaps in a script would remove the plaintext issue. However, in the end you're protecting a secret somewhere.