This is just a minor hack to hide the password on your globals page, so that it doesn't pop up in your browser in plain text for anyone in the room to see. It doesn't actually encrypt your password, as it's still able to be found in plain text in the globals file. If you do this, then typo your password, it's not my fault. You should be able to cut and paste this code in, but standard doom and gloom disclaimers apply.
In admglobals.php:
Locate the function and replace or add/change the following code:
function print_string_field($descr, $field, $is_int=0, $type='text')
{
if (!isset($GLOBALS[$field])) {
$str = !$is_int ? '' : '0';
} else {
$str = !$is_int ? htmlspecialchars($GLOBALS[$field]) : (int)$GLOBALS[$field];
}
echo '<tr bgcolor="#bff8ff"><td>'.$descr.': '.draw_help($field).'</td><td valign="top"><input type="'.$type.'" name="CF_'.$field.'" value="'.$str.'"></td></tr>';
}
Then a little lower in the same file, locate where the DB password is displayed:
print_string_field('Database Password', 'DBHOST_PASSWORD', 0, 'password');
That should do it. Mind you, all this does is hide the field, it's not a complete fix, which would be to have double password fields and compare them.
All I did was add to the function to allow you to specify the type, if you want something other then text, otherwise it will just default to it (which shouldn't break anything else).