These are some blocks I made that interface with the javascript localStorage API allowing to store data persistently even after refreshing, something variables don't have the capability of.
save [] with value [] :: sensing
(value of [] :: sensing)
delete value [] :: sensing
clear storage :: sensing
Anyways you can try these blocks here, and don't forget to enable JavaScript extensions
The procedures store the data in the same place, localStorage, but in -snap-project-[key].
The direct JS functions allow you to modify all what Snap! has stored, which I don't recommend.
It wouldn't be your password, it would be a session token. I also never thought of this before... This is why you have to enable javascript, you're supposed to read the code to decide if it's safe or not.
I don't think Snap! stores passwords in local storage. I looked through each key that Snap! initialized, even the internal ones, and I couldn't find my password anywhere, even through Base-64. So I think we may be safe.
Correct me if im wrong, but I believe tokens are stored in cookies, and the cookie is set to http only, which means javascript cant access it, and it can only be retrieved by the server when the client bundles the cookies with the rest of the web request.