Yes, good idea. Of course, this isn't any more secure (and his problem was one of security), since his password to the proxy has already been sniffed :)
Seeing security is already weak, I'd just permanently set the http_proxy_password variable in the Windows settings (right click on "My Computer") and not worry about it.