I am assuming you referring to this text from the PDN article
In both cases you must provide your own cipher algorithm. Out of the box, PRPC contains a sample algorithm but it is NOT meant for production use. The class com.pega.pegarules.crypto.PRCipherSampleBF can be used for testing this functionality, but you must create an appropriate cipher for production use. Instructions on building a cipher can be found under the help topicWorking with the PegaRULES Database - How to Encrypt the Storage Streams of Selected Classes.
This clearly states that the out of the box cipher algorithm provided in the platform is not meant for production use. But if you provide your own cipher algorithm which meets your internal security standards, then you can use it for production.
When choosing which Type value to use, consider these factors:
The Password type requires no advanced configuration or Java skills to set up. Several standard properties implement this type; for example, the property Data-Admin-Operator-ID.pyPwdCurrent. Pega 7 Platform applies the one-way MD5 algorithm to this value, which is never sent to any external system.
The TextEncrypted type requires one-time Java coding of encryption Java functions of your choice to implement a Public API Interface.
On Pega 7 Platform forms, the display of a value of a Password property is a string of asterisks, for all users, in all situations. The Password value is never decrypted. In contrast, the value of a TextEncrypted property can appear in clear text or as asterisks, depending on the runtime outcome of an access when rule (Rule-Access-When rule type). Thus your application can make the clear-text value visible to specific users, or on certain reports, or during specified time periods.
Password properties are initially added to the clipboard as unencrypted, clear text values. The system computes the hashed value only as the page is committed to the PegaRULES database. Thereafter, the hashed value appears in both the clipboard and the database row. Properties for passwords for the Operator IDs, rulesets, and ruleset versions are of mode Password.
TextEncrypted values are always encrypted on the clipboard and in server-to-database network messages.