Currently, credentials for performing a deployment must be specified in the settings.xml. However, if a Maven repository is set to use LDAP for its authentication mechanism, this means exposing domain security credentials in plaintext in a static file on the hard drive and is extremely insecure (as specified in the documentation: "Unfortunately, Maven doesn't currently support hashed or encrypted passwords in the settings.xml"). This is simply not workable in a secure environment, e.g. government, defense, financial, etc.
Instead there should be an option to provide these credentials on the command line or using hash or encryption algorithms.