I've done the groundwork for using the KeePassRest extension from Perl (see here - it's a plugin that provides a local REST API listener port), but I haven't had the chance to do a writeup yet or to put the stuff into a module. But if you're already using KeePass, it seems like the best way to manage passwords - the local listener starts up after you've started KeePass by entering your normal password by hand, and can retrieve username/password combinations as needed, which you then pass to WWW::Mechanize. Your scripts don't need to contain any usernames or passwords or even decryption keys.

I really need to finish that writeup.