If you use unencrypted
password in command shell execution of DTSRUN, you violate security.
Here is the alternative:
DTSRUN /Sserver_name /Uuser_nName /~Ppassword
A tilde (~) character
after the forward slash (for example, /~P) indicates that the
parameter value is encrypted and what follows is the hexadecimal
text of the encrypted value. Where do you get the password encrypted?
SQL server has an undocumented function for that.