thelonelycoder
Part of the Furniture
OK, I get your concern.I am strongly against email notification as long as the smtp password is stored in plain text. Plain text, for crying out loud. For the rest: I really like AB-Solution ;-)
But realistically, this is your router the pw is stored on, the connection to the smtp server is encrypted just as in your desktop mail client (hopefully).
The email config file has admin user rw rights only (the only account that makes sense on the router).
It is in plain text as even if I would encrypt it, I would have to place the ent-decryption code on the very same router.
Given that you are concerned about someone stealing that info, the intruder would have to have either physical access to the USB device or have your router credentials and be able to connect to it over SSH or Telnet. I presume these services are not accessible from WAN on your router.
Given that access, however gained, a dump of the nvram content also gives plaintext passwords of your router's admin account as well as other credentials.
Just my 2 cents.