Can you reconfirm that? I would have expected "encrypted password" in this context, not "encrypted token".Secondly, neither of them store your encrypted token anywhere on their servers, it's just used as a passthrough to Tesla for authentication.
As far as I know the token is definitely stored on the server at least for teslafi - otherwise it wouldn't be able to actually poll the cars for current data.
The password doesn't need to be stored on the server in any form and - again, as far as I know - isn't.