Make sure that the SQL Server Authentication password is transferred to the server using the encrypted transport method (HTTPS/SSL) unless you are sure that in your environment it is safe to transfer it in a plain-text.
To enable HTTPS for SQL Data Catalog, follow the step described in Configuring HTTPS.

Once the password is transferred to the server, it is encrypted and stored in the database in an encrypted form.

If you have security concerns about this, use Windows Authentication instead.