Unfortunately this will not protect your key, as “password” for input field only hides it visually, but behind the scenes your password as is is sent from back-end to front-end as data.
If you have a public project, then consider not adding password in data, but add it in query of url during testing, like so: https://launch.playcanvas.com/123?debug=true&pass=foo
But even when you will publish your project, password might be still there in the data. Consider alternative approach of how and where data is accessible from, like using back-end authentication with storing protected data in database without sharing with front-end.