Passwords and tokens etc. are stored in the isolated storage. When you have encryption enabled, this data is stored to the isolated storage encrypted. However, the maximum length of a string to store encrypted is 215 characters. Tokens often exceed this length. Whenever this happens, the value will be stored in the isolated storage without encryption. You will not be prompted to confirm for this.
Need more help with this?