Don't use a JTextField. Instead use a JPasswordField which is built just for this use. Note that you handle the data from a JPasswordField a little differently. Since Java String's are interned into the String pool, and thus making them easily discoverable by others, it is dangerous to handle passwords as Strings. Instead use the char array that is returned by calling getPassword()
on your JPasswordField object.
For more on this, please check out the JPasswordField Tutorial.