Description of the feature request
For sensitive information such as the signing key to android keystore, it may be good to require the user password to view the passwords for that session, giving the option to turn this off in account settings.
Use case / for what or how I would use it
If I leave my computer open with Bitrise logged in, it would be trivial for someone to show the password for my certificate / Keystore file.
There are numerous plugins that require private information such as the iTunes Connect Deployment services. If someone were to copy access tokens from my machine to this site, they would be able to easily download all my passwords for developer accounts.