Currently the interface for StringBinding/Secret Text is an HTML input field, so when a multiple line secret is pasted in, the newlines replaced with spaces. Simply inspecting my browser and changing that field to textarea resolves that issue, so the backend seems to support them fine, just the interface could use a small tweak to support longer/larger secret strings.