If we were to store QuestyCaptcha questions and answers in an automatically encrypted page, whose plaintext is viewable only by sysops, then we could use the revision history system to store old copies of it, and changes would not require edits to LocalSettings.php.
The content to be saved to the page should be encrypted by, e.g., a [[mw:Manual:Hooks/PageContentSave]] function. [[mw:Manual:Hooks/ParserBeforeStrip]] could be used to display to the sysop a decrypted version of it. It would also be necessary to put that decrypted text in sysops' edit windows when they edit; I haven't tried to figure out yet what hook that would be.
Encryption keys could be stored in, say, [[mw:Manual:page_props]] or maybe [[mw:Manual:user_properties]] or [[mw:Manual:config table]].
Version: unspecified
Severity: enhancement
See Also:
https://bugzilla.wikimedia.org/show_bug.cgi?id=34911