Adding a password type parameter to a build causes that password to be passed to gradle like this:

-Dpassword=mySecret

This is fine, but the password should be obfuscated with ***** in the logs. I suspect this line is wrong https://github.com/jenkinsci/gradle-plugin/blob/master/src/main/java/hudson/plugins/gradle/Gradle.java#L215 and I know other jenkins plugins handle this properly, but I'm not sure of the exact fix.