Parameter 'PASSWORD=ESF' - Is that a mandatory ? Can that be masked ?

SAFUID *,LABEL=GRP1,DGROUP=1,PASSWORD=ESF
SAFUID USER1,LABEL=GRP1X,DGROUP=1,PASSWORD=ESF
SAFUID USER2,LABEL=GRP1X,DGROUP=1,PASSWORD=ESF

Release : 14.0

Component : Spool

The PASSWORD keyword is not mandatory. If using internal security and omitting the PASSWORD would allow the user to logon to the Spool menu without any passwords. We recommend using external security or a mix of internal and external security what would make Spool to validate the password against the external security package installed on the system.

There is no way to mask the passwords in the ESFPARM. If still using internal security an alternative can be to put the SAFUID statements in a separate dataset protected by the external security package (ACF2, TSS or RACF). 

Reference the SAFUID statement where the PASSWORD keyword is define:

https://techdocs.broadcom.com/us/en/ca-mainframe-software/traditional-management/ca-spool/14-0/initialization-options/safuid.html