I just tested this myself:
I have turned on "encode input text"
then I filled in a form, all input was encoded.
I clicked on submit and got a popup window asking me to login
( the webserver asks for authentication).
With the encode input flag still on, I enter a username and
password and these are NOT encrypted in the script.
All input entered on the site afterwords it is again encoded.