Can the password be encrypted, or is there some other security measure I should take?
Create a new mysql-user for the Mediawiki only or pu tthe LocalSettings-php in a path not accessible for the apache and make sure it's included via php. Advantage is that it's secure against a failure of php but honestly, that happens so seldom that it's not worth the work.
The more fundamental issue, of course, is that if security is a major concern, you'd not be running a Wiki in the first place.
BTW, I've been prototyping a departmental Wiki for the Intranet at work, and it's working quite well: I'm using IIS and Integrated Windows authentication to control the basic "can you access the site or not" process. In an intranet environment with everyone using IE, this is transparent to the user, so they only see the Wiki user login - as long as they're permitted to use it.
Andy