Currently the private keys and passphrases are only Base64 encoded when stored in the database, they're not encrypted at all. It would be nice if we could better protect this data in upcoming releases. Base64 is just encoding and can be reversed, so it's not secure. If we could encrypt this data and store an encrypted version of them, it would be great, as this can be a major security concern for users.