@andreus91 Well, if you are using Orchestrator you can securely store passwords in there. You use a GetAppCredentials invoke in order to retrieve it, it’s also secure. Actually depends on the infra you are using, both are secure
Here you can learn about windows credentials activities.
Best practice is using these both activities, because you can save the user and pw in a txt file or a excel spreadsheet or hard coding it, but the best practice is to use the vault windows provide or if you are using orchestrator what I commented above, you can think about why is not a good practice to expose a sensitive pw to a code level, I mean there is nothing wrong saving it on a spreadsheet, on cell A2 but the spreadsheet needs to be secured itself with a pw, you rather use the activities that store and treat the text as secure text. Here you can learn about it secure strings.
if this answer your question please mark it as solve.
regards.