Guys, I’m a happy user of DropDMG. When I create a profile with encryption and set an password, the password stays there for future reference. Someone could open my DropDMG app and gather all passwords for my encrypted DMG files. That’s a horrible security flaw IMO.
Just go to Preferences/Set Passphrase/Show Passphrase.