To tack onto that, IMO it would make more sense if the password situation were
handled by the DBD:: end, say via inclusion of support for the various dot
files that every DB seems to love (.mysql at least comes to mind, pretty sure
there is a postgres equiv, etc.). Otherwise your opening DBI up to a can of
worms if its being relied on to store the password in any encrypted fashion
when its real purpose is to provide the foundation layer.
That could be a lack of coffee in my diet today talking though.