Passwords stored in plaintext config file – still recoverable after deletion

Hi,

Just a quick heads-up: I noticed that Mailwatch stores email account passwords in plaintext in the config file:

~/.config/xfce4/panel/mailwatch-.rc

Even after deleting the file, the passwords are still easily recoverable using tools like PhotoRec. That's how I found mine — fully readable 😱

I know this has probably come up before, but it still feels risky, especially for users who don’t use full-disk encryption and may not expect this kind of storage.

Would it be possible to show a warning or consider using a safer storage method?

Thanks for your work.

Edited by thotopoios
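
The plaintext storage reported above can be checked for on a given machine. The following is an added example, not part of the original report and not Mailwatch code: it audits `mailwatch-*.rc` files for group/other-accessible permissions and for non-empty password-like keys, without printing the values. The `key=value` layout, the key-name pattern and the sample file contents are assumptions.

```python
import os
import re
import stat
import tempfile
from pathlib import Path

# Assumption: entries are "key=value" lines and secret-bearing keys contain
# one of these words. The real key names used by Mailwatch are not on the page.
SECRET_KEY = re.compile(r"pass(word|wd)?|secret|token", re.IGNORECASE)


def audit_rc(path):
    """Return findings for one rc file, never echoing the secret itself."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"{path}: mode {mode:04o} lets group/other access the file")
    with open(path, encoding="utf-8", errors="replace") as fh:
        for lineno, line in enumerate(fh, 1):
            key, sep, value = line.partition("=")
            if sep and value.strip() and SECRET_KEY.search(key):
                findings.append(f"{path}:{lineno}: non-empty value for key '{key.strip()}'")
    return findings


def audit_panel_dir(panel_dir):
    """Audit every mailwatch-*.rc file under the panel config directory."""
    results = []
    for rc in sorted(Path(panel_dir).glob("mailwatch-*.rc")):
        results.extend(audit_rc(rc))
    return results


def demo():
    """Run the audit against a constructed sample file in a temp directory."""
    with tempfile.TemporaryDirectory() as tmp:
        rc = Path(tmp) / "mailwatch-1.rc"  # constructed file name
        # Constructed sample content, not copied from a real Mailwatch config.
        rc.write_text("[mailbox0]\nhost=mail.example.org\nusername=alice\npassword=hunter2\n")
        os.chmod(rc, 0o644)
        return audit_panel_dir(tmp)


if __name__ == "__main__":
    real = Path.home() / ".config" / "xfce4" / "panel"
    for finding in (audit_panel_dir(real) if real.is_dir() else demo()):
        print(finding)
```

The audit only sees files that still exist; as the report describes, a deleted config file can remain recoverable from the disk.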