An interesting question, although I may not have the perfect solution for you.
You see, pppd needs your peer password to be able to send it over the wire and while writing your password in a little masked box usually feels better than knowingly writing it an clear text file on your system, the results are usually the same.
With most programs, the passwords are either stored in clear text or backed behind some sort of key-ring.
What I recommend is that you use an encrypted file system for your "sensitive" configuration files and restrict access to the file on your system (with chmod) so that you're the only one able to read it.
An interesting question, although I may not have the perfect solution for you.
You see, pppd needs your peer password to be able to send it over the wire and while writing your password in a little masked box usually feels better than knowingly writing it an clear text file on your system, the results are usually the same.
With most programs, the passwords are either stored in clear text or backed behind some sort of key-ring.
What I recommend is that you use an encrypted file system for your "sensitive" configuration files and restrict access to the file on your system (with chmod) so that you're the only one able to read it.
You could upgrade your PPTP connection to EAP-TTLS, thus relocating the problem from storing a password to storing a certificate.
Nevertheless, encrypted file systems can only be recommended for such affairs.