Forgot to write this:
- Now key generate using GGUID (HttpService) as AES key (key still generated for once only)
- After set_pass you cant change/modify the pass again (its only one-time use),and when new pass filled next AES encrypt/decrypt will be use the new pass key.