The unencrypted data should only be in memory when needed (copied to clipboard, shown on screen etc). After use the objects handling sensitive should overwrite themselves.

A string falling out of scope in C++, or an object being left to the garbage collector is still readable and not overwritten by default. It’s a very easy problem to solve in C++, either through custom allocators or destructors. But it makes a bigger difference when objects having short lifetimes