I agree with most responses that the encrypted string is more of a convenience factor than addressing security.  Executing the package using Windows/AD integrated security would truly constitute security in my view.

Regards,

Uday