I really dont want to use scripts to run my RMAN backups as i dont like the idea of passwords being put into files
Couldn't you create an OS authenticated user and then use / to connect to the target db in the script. Admittedly this would mean having a copy of the script on each server (which could execute script in the catalog after connection) and you would still need to have the catalog db password in the script, but there won't be any patient data in the catalog at least. If you're on unix you could always use the crypt command to encrypt the rman catalog password to a file and have your script decrypt it again. This, of course, isn't a totally secure thing to do, but it's an extra layer I guess. When it comes to B&R it's my preference to keep things as simple as possible.