Saving password shall be configurable option since this is insecure feature

[vt-alt]

Saving passwords in kitty.sav (1) and keeping password in memory (2) for Duplicate Session should be configurable feature, since this significantly breaks best practices on password handling.

Please add this for a host configuration so people can use KiTTY more securely.

ps. There even exists offline attacks on kitty.sav such as https://github.com/PetrP/kitty-decryptpassword

[vt-alt]

I found that there is setting for this which should be set in appropriate kitty.ini:

; userpasssshnosave: if yes, SSH password will not be save internaly (and can't be reuse automatically)
userpasssshnosave=no

Well, I wish this is easier to find. And perhaps there should be GUI checkbox for that.