Secure entry, storage, etc. for passwords in definition packages



We want users who create VMRoles using the gallery resources we create to not have to enter the credentials of the account that should be used for joining the machine to the domain, the credentials for the Administrator account, etc. We want those to be hardcoded into the package. That is possible currently if I am not mistaken but the password has to be entered in plain text: I would have to enter "<myusername>:<password>" for the DomainJoinCredentials field in the Operating System Profile (of a Resource Definition package). It would be great to have a secure way of doing that: secure when the password is first entered in the tool (standard way: show black dot characters instead of password characters, etc.), in the way it is stored in the package files so that it cannot be retried in any way, when the package is opened up again using the tool (show black dot characters instead of password characters) and in all other cases that I have missed.