The last file states the encryption used, which tells you which ncw_*_crypt command to run (this stanza is directly above the ObjectServer hostname):
< !-- ! Login information to access the datasource specified in !
! - encrypted : If true, the password is encrypted (using nco_g_crypt)
! - algorithm (optional) : [AES|FIPS]
! If set to AES and encrypted attribute is set to true,
! the password is encrypted (using ncw_aes_crypt).
! If set to FIPS and encrypted attribute is set to true,
! the password is encrypted (using ncw_fips_crypt).
<ncwdatasourcecredentials username="root" password="xxxxxxxxxxxxxxxxxxxxxxx==" encrypted="true" algorithm="FIPS">
To change the password, in this case you would run ncw_fips_crypt and place the encrypted passwd in the three files listed above.