The problem of eliminating clear text passwords from all media has a long history of failure and success. In the first years of the HTTP protocol, designers, despite existence of asymmetric encryption, decided not to use anything. Later, having been burned by cleartext passwords, they added base64 encoding. Which, as one may guess, did not fool anyone in the business of retrieving those passwords.
Luckily – Netscape introduced the SSL tunnel for HTTP, which was widely and enthusiastically accepted. This eliminated some of the threats, but had nothing to do with protecting the password storage. Most systems that interact with an authenticated service over HTTP still have to figure out a way to store these credentials. The alternative is for the serivce in question to use something like OAUTH or a distributed ticketing system (ala Facebook or Twitter). But, for most systems that need to interact with an authenticate service of HTTP this is a serious problem. If you need to deploy to an authenticated repository manager like Nexus, how do you avoid putting your password into your build?