One solution would be not to store the password in the class at all -- treat it as a transient value that does not persist outside the life of the authentication mechanism.
There are a couple of frameworks out there that provide the kind of authentication scheme you might be looking for. Baltimore Technologies has one called JCrypto. There's also a Sun-sponsored API called JAAS (Java Authentication and Authorization Service) that you can download from java.sun.com.
That said, login authentication is not something a programming language would typically concern itself with. You'd use the language to write one, unless the language itself is also an application. Java's idea of security has to with ensuring bytecode instructions can't be spoofed, classes can't be dumped out of the VM and arbitrarily replaced, and stuff like that.
------------------
Michael Ernest, co-author of:
The Complete Java 2 Certification Study Guide [This message has been edited by Michael Ernest (edited January 23, 2001).]