This sounds to me like the scriptkiddies who use some "don't use your right mouse button" script to 'hide' other javascripts that the stole from numerous sites ;)

If you are developing something with more people, I take it that these people need that password too. If not, there's no need for a password in there. If they have their own password, use something like $HOME/.configuration, or just accept it as a parameter.