Client password considerations
Qlik Replicate follows industry best practices for securing credentials, including the defense-in-depth practice of keeping all credentials encrypted in memory except for the short time they need to be used.
Still, third-party database clients may not adhere to these best practices and leave clear passwords in process memory. Qlik cannot take responsibility for such cases and advises taking this concern up with the database client vendor in the event that such a vulnerability is discovered.