Access credentials and API keys are stored encrypted. After entering them when setting up a network, they will only be decrypted and used when myDash connects to the API and gets the data for you. This happens on the server with secure connections and is not communicated to the Browser which makes it more secure. No decrypted keys or passwords are ever stored or used for any other purpose as the one described above.