When deploying a batch job, the UI displays the database password found in the server.yml in plain text to the user. At the very least, this should be displayed in a password field so it's masked out and have it masked out in the resulting definition at the bottom of the page. Ideally, we wouldn't provide the password on that page at all and only accept overriding options (if the user wants a password other than the configured one, enter it…otherwise, we'll use what we have).
I'm finding that this occurs in other places as well. A full pass though of the UI should be done to mask out passwords (or eliminate their display all together).