If you use unencrypted password in command shell execution of DTSRUN, you violate security. Here is the alternative:

DTSRUN /Sserver_name /Uuser_nName /~Ppassword /Npackage_name /~Mpackage_password

A tilde (~) character after the forward slash (for example, /~P) indicates that the parameter value is encrypted and what follows is the hexadecimal text of the encrypted value. Where do you get the password encrypted? SQL server has an undocumented function for that.