I am creating a custom record within NetSuite to hold user credentials for an outside system in order to build an integration between the two. I want to use the "Password" field type so that the passwords to the other system are masked and they can't just be grabbed. However, when I enter a value in one of these fields, upon save the value is converted into some kind of hexadecimal representation, and I can't use it to pass into the other system. I can find no information on how to decode the value to be used. Is there some JavaScript decoding function somewhere I'm not aware of? There really isn't anything I've seen in NetSuite's documentation.
Password fields don't store values. When the record is saved, the value is encrypted using SHA-1 and a hash is saved in the database. This means that you cannot get the original value but the generated hash. This type of fields are not intended to encrypt the value when it's saved and decrypt when you are trying to get the value. You should use password fields to store a hash and then compare with another hash to verify if they have the same value.
For instance, you can save 'myPassword' in a password field and the hash 82bb34c7f299fdf854b4aaeeb747cbcb8de0ad9 will be generated and stored. Then you can use the nlapiEncrypt method to generate a hash from a value using SHA-1 and compare the result. In this case, nlapiEncrypt('myPassword', 'sha1') returns 82bb34c7f299fdf854b4aaeeb747cbcb8de0ad9, this means that 'myPassword' is the value stored in your password field since the hashes are equal.
If you need to encrypt/decrypt you should use a symmetric encryption algorithm like AES and a key to encrypt and store the value in a text field:
nlapiEncrypt('myPassword', 'aes', '125C0B9A3D642927A0C60A6EABDF7948')
where the last argument is the key, and:
nlapiDecrypt('0e3d0eb7c1fed79402a5bd695aee5b11', 'aes', '125C0B9A3D642927A0C60A6EABDF7948') to decrypt, where the first argument is the encrypted value.