Sun Feb 03, 2019 5:26 pm
In a word, no.
Some encryption algorithms (notably CHAP) require the plaintext password so PPP secrets (for servers), passwords for VPN/PPPoE clients, wireless PSKs, etc. are all stored as plain text in the configuration file.
Only trusted administrators should have full access to the Mikrotik. When using Winbox the 'Hide Passwords' option replaces the text with * to prevent casual observation, from the command line the configuration can be exported without password, etc., using '/export hide-sensitive'.
You can also create additional Mikrotik logins with fewer permissions, for example to allow support staff access for monitoring purposes but not see sensitive information.