While login through Jenkins, the application layer password encryption is not in place, resulting the vulnerabilities of password disclosure.
Even if, the SSL is in place, SSL will encrypt the password after proxy only, hence allowing users at proxy to intercept communication and disclose password.
TLS implementation will encrypt the password once it leaves the proxy/network. A man in the middle (on or before proxy) attacker will be able to see the password.
use a dedicated system like okta, keycloeak, or authentik that will let you auth with systems designed for security.
If that doesn’t work for you, then your option goes to using TLS
If that doesn’t provide enough for you, then you can submit a pull request with updates required, and/or pay a contractor to implement the feature for you.