If I activate the plugin on a new or pre-existing site, the token and server URL field are automatically filled in with the most recent one saved on any other site.
This is using the plugin on a network install as a simple site plugin not as a multisite network plugin.
It is not really desirable to disclose an auth token, any way to stop it?
Great plugin otherwise! ;-)