SUMMARY
Sorry fotr the bug name, but couldn't find a better way to put it.

Creating an access point is easy, but by default it creates an unprotected network which most people probably wouldn't want, however, changing this isn't straightforward.

STEPS TO REPRODUCE
1. create access point.
2. right click and go to configuration.
3. change the password and applies changes.

OBSERVED RESULT
the hotspot continues being open.

EXPECTED RESULT
the hotspot becomes protected.

SOFTWARE/OS VERSIONS
Linux/KDE Plasma: 5.11.6
(available in About System)
KDE Plasma Version: 5.21.3
KDE Frameworks Version: 5.80.0
Qt Version: 5.15.2

ADDITIONAL INFORMATION
I'm not trying to complain for the sake of complaining, but I think the ux for the access points requires some work.

For example, one of the things I tried after changing the password and seeing that the AP was still open was to disconnect the AP, and then clip the AP button again (after doing https://bugs.kde.org/show_bug.cgi?id=435133 ) but it ended up making a new entry for a hotspot with the defaults (aka open network) instead of using my previous settings.

To actually get the hotspot to be passwored, after disconnecting from AP I have to click the network name from the list (by default it's "$USER-hotspot"), note that the icon for the hotspot is the exact same as the one for wifi networks, so it looks like you're CONNECTING to a network rather than CREATING one. I think the way this feature works is complicated and non-obvious unless you're fine with using an unprotected access point.

Maybe access point should have its own configuration section and have the "access point" button read from it? and maybe have said configuration come up the first time the featured is used.

The above paragraph is just food for thought, it's very possible there are better/alternative ways to achieve this, but hopefully this will get the ball rolling.