CVE Vulnerabilities

CVE-2024-40457

Cleartext Storage of Sensitive Information

Published: Sep 12, 2024 | Modified: Oct 31, 2024
CVSS 3.x: N/A
Source: NVD

No-IP Dynamic Update Client (DUC) v3.x uses cleartext credentials that may occur on a command line or in a file. NOTE: the vendor's position is that cleartext in /etc/default/noip-duc is recommended and is the intentional behavior.

Weakness

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
