Revised the synopsis in the original post (well... now it is entering into tutorial territory)
I don't see how a tied filehandle with a default unhidden policy is going to be a good idea at all. Consider:
Sure, interpolating a default unhidden string is always going to be "dangerous", but the fragility near a filehandle that pretends to force the values to hidden seems too far over the top. Unless I misunderstood your suggestions.
I have however, added default unhidden and hide_from options as well as manual mask forcing. Additionally, I have added localized policy setting so that one need not globally choose default unhidden (see examples in OP). Do you think that the revised synopsis addresses your concerns / describes a potentially usable tool?
In reply to Re^4: RFC: SecureString - Obfuscated / masked strings exept when you need them (revised synopsis & tied filehandles)