There are several options; DBIx::Password is one of them, but I prefer to reinvent wheels and use an hand-made configuration singleton. I keep all the configurable values in a file readable by Config::General and limited by Class::Singleton:

#configuration file
<system>
  dsn        dbi:Oracle:dbname
  username   dbuser
  password   dbpwd
  <environment>
    ORACLE_HOME /ora92/product/9.2.1.0
  </environment>
</system>
[download]

Values are accessible using paths inside configuration file; for example, the following code is used to connect to an Oracle database:

my $conf = Configuration::Singleton->instance;
my $address = $conf->value('system/dsn');
my $user = $conf->value('system/username');
my $pwd = $conf->value('system/password');
my $environment = $conf->value('system/environment');
while ( my ($variable, $value) = each %$environment ) {
  $ENV{ uc($variable) } = $value;
}

my $dbh = DBI->connect( $address, $user, $pwd,
                        { RaiseError => 1,
                          AutoCommit => 0
                        }
) or die "$DBI::errstr";
$dbh->{FetchHashKeyName} = 'NAME_lc';
[download]

The summary is: use some sort of configuration method. BTW, if you are using MySQL please note that it accepts the name of a configuration file in the connect string, see this trick told to me by gmax for a useful example.
Remeber to keep your configuration files out of the document root and restrict access to them.