Typically, it is not desirable to have plaintext passwords in configuration files. One way to avoid this is obfuscation. This is not a secure encryption. However, it is sufficient enough so that unauthorised persons cannot read the password from a screen.
An obfuscated password always starts with OBF:
The encryption (and decryption) can be done with the Admin Console and a script. See also the plugin Encode/Decode.
In addition, the two functions obfuscate() and de-obfuscate() are available.
Extended Security
If obfuscation is not secure enough for you, please have a look at section Masked and encrypted passwords in configuration files.