We have a Pro geoprocessing tool that will eventually be published as geoprocessing service. This tool requires Portal authentication to access secured feature services. Currently we are saving built-in Portal username and password into a config file, but I wonder if there's a way to avoid saving password as cleartext (also don't want to prompt user every time they use the GP tool or service) and handle the authentication.
This is one of those age-old programming questions, and the answers range from quite involved and very secure to simple and basically secure. Although dated, the discussion at security - I need to securely store a username and password in Python, what are my options? - Stack ... is still mostly relevant today. I especially like drodgers answer because he present several different approach with basic trade offs of each approach.