If you want to hide away passwords, you need to solve your problem on the OS level, not in Perl.

For example, on a shared webserver you better hide away your database passwords and/or database files (if you use something like DBM). I do this by limiting access to the files that contain sensitive information: Only my userid is allowed to access these files (the proverbial chmod g-rwx,o-rwx myscript.cgi). The programs working with that information either run from my account (e.g. via cron) or as wrapped CGIs (ie., they run under my userid instead of the webserver's).

This leaves me with no need for obfuscating the source code, and is definitely more secure than any obfuscation method someone could come up with.