The Blink1Control2 application <= 2.2.7 uses weak password encryption and an insecure method of storage.