I personally would never store any serious credential information in a project (= Git repository) regardless encripted or not. It is too scarely for me to save serious credentails in a Git repository, which should be open and shared, even if encripted.
I personally store credentails (URL hostname + username/password) in my local Mac’s Keychain.
.
My selenium test scripts reads the Keychain database via Command Line Interface = security command of Mac. A working sample code is here:
However, you should re-think if the password you have in your mind is REALLY serious one that must be strongly protected. Does it cost much money for you if the password is exposed public? In many cases, username/password pairs used for UI testing are not really worth hard-to-break security efforts; they may be just data.