FELIX-3168 support for password meta type data has been added. Not only meta data with type="password" are detected as such but also string meta data containing "password" in the id (https://github.com/apache/felix/blame/trunk/webconsole/src/main/java/org/apache/felix/webconsole/internal/configuration/MetaTypeSupport.java#L183).
This heuristic does not really work well. E.g. in Oak there is property with id="passwordHashAlgorithm" (type string) (https://github.com/apache/jackrabbit-oak/blob/2acda3156cfad9993310e7aa0492cdc0b65aa5f7/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java#L65) which should clearly not be detected as password type.