Even if that idea had an merit (which I don't think it does) it has no use in combination with secure strings. If would in fact make applications much less secure. Let me exemplify:
Take a webserver, let's call it Roxen. This Roxen loads user-creatable scripts and modules. The author of the htaccess-module decides that storing the user:crypt(passwd) pairs in secure strings would be good to avoid printing them in a backtrace by mistake. This works fine for a while until a user reports that his Roxen no longer works because the htaccess module keeps crashing.
It turns out this is because this user loads another module that parses some sort of passwd file where one of the entries is a match for one of the entries the htpasswd module has loaded, but without the secure string.
There is two way of resoling this situation, but the only reasonable one - and the one that will be used - is to remove the secure bit from htaccess to avoid other random breakage.