1) You can do exactly what you have proposed:

See https://winscp.net/eng/docs/scriptcommand_open#syntax

Though it has its caveats, see:
https://winscp.net/eng/docs/scripting#configuration
https://winscp.net/eng/docs/faq_scheduler

2) But passwords are not really encrypted, they are merely obfuscated. It's not technically possible to encrypt anything and yet allow its automatic use.

https://winscp.net/eng/docs/security_credentials#storing_password
https://winscp.net/eng/docs/guide_protecting_credentials_for_automation

Hey guys,

I wanted to drop this possibly high desired feature by you. So I have a script that is required by the company to keep credentials secured (or encrypted) on client servers. What I was thinking was, since how the user and password is stored already and, i believe, encrypted within WinSCP, would it be possible to call a 'site' from the saved sessions? So instead of having to put in something like "open ftp://user:password@192.168.0.1/"...

Maybe put in a call feature that can be used. SO in the script something like... "open ftp://%EDIConnection%" or whatever the site name is in WinSCP UI. This would alleviate any need of having to 'create' an encryption for the password and since we are already having to call the script from the root of WinSCP anyways, this could utilize the already stored credentials/site information already stored in the UI. Don't get me wrong the option for the other encryption options for C# and powershell and .Net is good and all but I'm not familiar enough with Visual studio to get this done and it would be secure for ANY who decides to use this already great program. And since you already have a way to store the credentials securely, why not just call it from WinSCP function? This is just a thought guys, let me know what you think..