those are called secret parameters in BigFix.
They’re basically coded in the description to hide them in the console. Here’s a link that discusses it.
The basic steps would be to export the fixlet you’ve created, and then edit it in VS Code or Notepad++ or whatever you use.
In the Description field you’d add the username and password:
<Description><![CDATA[Rename Server joined to Active Directory (Secure) <script> document.body.ontakeaction = function() { TakeSecureFixletAction( Relevance('id of current fixlet'), Relevance('id of current bes site'), "Action1", {}, {secret: 'domainaccount' , secret2: 'domainpassword' } ); return false; } </script> ]]></Description>