Obfuscation
Typically, it is not desirable to have plaintext passwords in configuration files. One way to avoid this is obfuscation. This is not a secure encryption. However, it is sufficient enough so that unauthorised persons cannot read the password from a screen.
An obfuscated password always starts with OBF:
The encryption (and decryption) can be done with the Admin Console and a script.
In addition, the two functions obfuscate(a) and de-obfuscate(a) are available.
Extended Security
If obfuscation is not secure enough for you, please have a look at section Masked and Encrypted Passwords in Configuration Files.