You could store credentials for Pip to use in
~/.netrc like this:
machine pypi.example.com login johndoe password changeme
Pip will use these credentials when accessing
https://pypi.example.com but won’t log them. You must specify the index server separately (such as in
pip.conf as in the question).
~/.netrc must be owned by the user
pip executes as. It must not be readable by any other user, either. An invalid file is silently ignored. You can ensure the permissions are correct like this:
chown $USER ~/.netrc chmod 0600 ~/.netrc
This permissions check doesn’t apply before Python 3.4, but it’s a good idea in any case.