In v. 3.6.1, the eNom module lists an API key field, which actually should be relabeled to "Password" and changed to a password type input field on the form. The password should be masked on the Installed Modules -> Manage eNom screen. It seems like a really bad idea to have the user's eNom password in the clear like that.