nos2x browser extension stores private key as unencrypted

Saved private key can be found plain text HEX form from the filesystem.

$ grep -R "c205ffc019a61eda35a42603b17a162ff31132e8e8ce956e94f8a2021c63108e" *

grep: config/google-chrome/Default/Local Extension Settings/khplclboobafmlobeabnmnjmdkhnjpmm/000003.log: binary file matches

Even using the "show key encrypted" and setting the password wont change this.

When I enter my private key and use "show key encrypted" option, it will encrypt my key and show QR code for ncryptsec but if I try to save it, I get error: PRIVATE KEY IS INVALID! did not save private key.

You shouldn't use this extension and if you are, you should switch to something else.