Embedded security example is showing a way to provide a security domain. As per the passwords being in plain text or encrypted will be a custom solution you need to come up with in the embedded, as there are no predefined methods. In WildFly, based deployment WildFly providers an utility for this.
Could you please tell me how to use the encrypted file instead of the plain text file?
Where does Teiid read form the plain text file?
That is up to the designer of the utility as to how to encrypt/decrypt the passwords. You can choose Simple Base64 encoding to certificate based encryption, depending upon your need/usecase. See examples ,  upon quick google search.
Typically in the "embedded" teiid, we take position that, Teiid is being "embedded" in some other application and security related issues are dealt by that application layer, not at Teiid layer. If you need a fully blown Teiid with security, you can consider using the Teiid server version.