S3 Bucket credential keys (both access and secret) are stored/managed in such a way that anyone with access to the config page can easily retreive them (easy as in view-source).

Once saved, they should not be retrievable through the web interface.