JavaScript  haschanged  a bit, but problem with global state. And this is exacerbated by  the solution presence of the developers console. This problem  is still familiar: closures! known by almost all JavaScript developers who have relied on global state. It seems that we can apply the original solution to this problem in order to solve our storage issue.  We can create a function that is available globally in the success handler of the xhr request which will returned the decrypted authentication information in a read-only manner. The global scope of the closure makes the unencrypted authentication data readable by anyone who requires it