The use of an empty string as a password in a configuration file is not secure.

Choose a strong password and encrypt it if it has to be stored in a configuration file.