Most of the time when we are working with customers environment upgrade/new install of workbook , we have come across a situation where customer uses their personal admin ids to run the ADM commands and exposing the password on the command prompt is not a good idea. I learned that you can hide the password if you write the ADM commands little differently as below. 

Earlier I used to write like this :- 

VaultADMStoreManager /vault vm-xyz-xyz.dsone.3ds.com vm-csd-69avs\vault.admin password LIST-PROFILES

If we change this now little like 

VaultADMStoreManager.exe /vault vm-xyz-win2016.dsone.3ds.com dsone\mpa6 "" /console 

then it ask for the password and masks it in the command prompt window . once connected we can then just use the actions and not the whole command for that session. For example :- 

LIST-PROFILES

LIST-PACKAGES

GENERATE V18.1.100.3033-Roaming C:\AMDWorkingDirectory\WB2018SP1HF8

DOWNLOAD-RULES c:\rules.xml

UPLOAD-RULES c:\rules.xml

Hope this helps others