Stefan, it sounds like you could benefit from using the server-side editing capabilities of this extension, in combination with server-side source control such as Deltanji from George James Software (for whom I work). Properly implemented, server-side source control will also control people who edit using Portal and Studio, or who use our Serenji extension for VS Code instead of the InterSystems one.

That setting affects how the ObjectScript Explorer behaves. That's the tree you get if there's an InterSystems logo on your Activity Bar and you click on it. It's the tree whose primary purpose is to let you export server code into files on your workstation that you then edit locally, probably add to a Git repo, and import to your server to run and debug it.

When you select a class or routine in that tree, and it only exists on the server (i.e. it isn't one that you have already exported locally), then the above setting dictates whether the code is opened read-only or editable.

IMO storing a password in plaintext like this should only be used as a last resort, or when the password is the default one for a built-in username. In all other cases I recommend using Server Manager's ability to store the password in your workstation's keychain.