Closures  to the rescue! Create a function that is available globally in the success handler of the xhr request which will wrap the value of the data returned by the server in a read-only manner. The global scope of the closure makes the unencrypted authentication data readable by anyone who requires it