I may do a video on this, I haven’t decided. And I agree, it’s insecure to have plain text passwords showing up in the command history. But also keep in mind, in order for someone to view the history and grab the plain-text password, they would have to leverage another vulnerability to give them access to your system first, so by the time they get to your password they’re already in your system. And if you have someone already in your system, security in all forms goes out the window.
Having plain-text passwords in scripts is a more serious issue if the file containing the password is world-readable, or worse, in a publicly shared storage volume. But no matter what, you shouldn’t have plain text passwords anywhere, as that is more of a best-practice thing.
I’ll consider a video on it, but no promises (yet).