The use of an empty string as a password in a configuration file is not secure.

Choose a proper password and encrypt it if you need to store it in the configuration file.