config: Consider not storing admin pass in plain text.

[JoeGruffins]

vspd/config.go

Line 66 in e42b1ca

AdminPass string `long:"adminpass" ini-name:"adminpass" description:"Password for accessing admin page."`

Per SEI CERT C Coding Standard it is best practice not to store plain text passwords in memory or on disk. This could be removed from memory, mostly, by storing the sha256 hash of the admin pass, and constant-time comparing the hashes of incoming passwords. For input on startup, the secure terminal could (optionally) be used which works without a gui to input the pass every start-up.