I assume something triggered this mode. I have restarted BTT, rebooted, unchecked the box in Advanced settings:Keyboard and rebooted and still it's in secure input mode. Arggh! Now my often-used keyboard gestures are disabled.
Isn't there a way to turn this off?
BTT 2.530; 2016 13" MBP w/ touchbar; macOS 10.13.5.
unfortunately there is no way to disable it completely.
Does BTT show which app is enabling secure input?
Yes and when I quit that app (Notes) and restarted BTT, then it indicated the currently active app. I tried that a few times and now notice that if I just restart BTT, it always indicates secure input is on due to whatever the current app is. I suggest adding a way to disable secure input.
unfortunately secure input is a system feature, BTT can not influence how it is activated (BTT never activates it) ;-(
If you can't find the app that enables secure input on your system, you can enable the old keyboard shortcut implementation in the advanced preferences which can work while secure input is active but has some limitations.
I'm having the same problem. At first it was a corporate BS app that was enabling it (this is a work computer); however even after removing that app from my Login Items, the computer is still switching into Secure Input mode and it's identifying Google Chrome as the process that started it. I didn't know that Chrome did that - and in fact I'm still skeptical that it really is Chrome which is the culprit (since a lot of people use that!), although that's the Process that BTT is identifying. Quitting Chrome didn't help either.
Update: I don't think BTT is correctly identifying which app is enabling Secure Input. Because now that I've removed Chrome from Login Items, it picked another app which is equally un-responsible.
Unfortunately the mechanism to identify the problematic app is not 100% reliable. Some apps can't be recognized and the previous app that had secure input will continue to be locked in in such a case. Unfortunately I don't know of any other way to identify the problematic app.
Ok, that's what I suspected so thanks for confirming. I also assume there's no macOS API call to just force the secure input lock to be released globally?
No, that would allow malicious apps to just disable it when they want to steal your passwords 
Do you maybe have that Webroot security software installed? It is known for permanently enabling secure input.
Safari does this too, I get a notification that Safari activated secure input.
Safari should automatically disable it if the password field looses focus again.