[tsimionescu]

Hashing is not an option for locally saved passwords. Some kind of token-based Auth scheme could work, but not hashed passwords.

That said, the much greater problem is the idea of using a hard-coded key, instead of generating a unique key for each device/installation.

[d1str0]

Unique keys don’t help much. It only takes one person to write a script and put on github so that it can dynamically find the key and unencrypted stored password.