Encrypting things in an Open Source platform is always complicated.
The trouble with encrypting the DB password in config.inc.php is that MODX needs the actual DB password to get started. If it were encrypted with a one-way hashing algorithm, like user passwords are, you'd have to enter it each time you log in (in addition to your Manager credentials), because it's impossible to recover a password from a hash value.
If it were encoded with a two-way method that allowed MODX to decode it to get the real password, any experienced hacker could easily look at the MODX code and figure out how to do the same thing.
Using either method would also mean creating a separate utility for telling MODX that your DB password had changed, providing another method for hackers to cause trouble. You'd also have to remember how to run that utility outside of MODX. Your site would be offline, and you'd be locked out of the Manager until the utility ran successfully.
So -- nice idea but not too practical. I've had hundreds of such ideas since I started working with MODX. A large proportion of them were wrong-headed, but a few paid off, so don't stop suggesting things.