Well, This is how it looks on R77.30 (no hash, no plain-text password):
dbedit> print users admin
Object Name: admin
Object UID: {9813617A-70C8-4DF6-ADA6-A4BD87FCE69B}
Class Name: user
Table Name: users
Last Modified by: admin
Last Modified from:
Last Modification time: Sun Sep 9 08:18:44 2018
Fields Details
--------------
accessible_from_smc: true
admin_expiration_base_data: admin (
expiration_date: 31-dec-2030
expiration_date_method: expire at
expiration_date_visual_notif: true
)
administrator: false
administrator_profile: NULL
auth_method: Internal Password
color: black
comments:
connection_state: uninitialized
creation_date: 8/27/2018
days: 127
destinations: Name: Any (Table: globals)
email:
expiration_according_to_global_def: true
expiration_visual_indication_mgmt: true
fromhour: 00:00
generic_profile: false
generic_profile_settings: (
<NULL>
)
groups: Name: TESTING (Table: users)
internal_password: Sensitive Info Removed
name: admin
notdelete: false
phone_number:
radius_server: Name: Any (Table: globals)
sic_identifier: (
id_type: ip_addr
id_value:
)
sic_name:
sources: Name: Any (Table: globals)
tacacs_server: Name: Any (Table: globals)
tohour: 23:59
type: user
use_fw_radius_if_exist: true
userc: (
FWZ: (
<NULL>
)
IKE: (
isakmp.authmethods: signatures
isakmp.data.integrity: SHA1
isakmp.encmethods: DES 3DES
isakmp.encryption: 3DES
isakmp.hashmethods: MD5 SHA1
isakmp.shared.secret:
isakmp.transform: ESP
)
accept_track: Name: Auth (Table: tracks)
use_global_encryption_values: true
)
And from GuiDBedit:
So the password (in hash), must be stored in some database.
Kind regards,
Jozko Mrkvicka