Currently if you would like to use the Two Factor Authentication feature a set of parameters have to be included in the settings.json. This includes an SMTP account and password.
I would like to be able to store these settings in IAM's global configuration page. The settings values should also be hashed on the IAM database. I do not want my password to be stored as plain text.
This will allow me to stored these setting in a safe way in IAM and no longer have them included in a .json file which is located on my server.
For Azure (and AWS it's something similar) there is a trick to store the data from config.json in the management environment of your app service.
For IIS I know there is something similar for the web.config file. For the appSettings.json I don't know (haven't searched for that).
Maybe this can solve your problem? Problem having this stored in IAM is, that it is still way to accessible.