http://www.perlmonks.org?node_id=975538


in reply to Keeping a password safe.

Same as you would in any other language - keep the plain-text in memory for as little time as possible, overwrite the variable once you no longer need it (before free()ing or, in Perl, letting it fall out of scope), try to prevent it from being written to swap (kinda tricky in Perl - look for wrappers around mlock(2)).

A password in a variable in a C program is also visible - to a user using the debugger, or a user who can make your program dump core, or a user who can look at whatever your platform's equivalent of /proc/$PID/mem is.
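The steps from the reply above (lock the buffer with mlock(2), overwrite it before free()), sketched in C with core dumps disabled as well. This is an added example, not code from the thread; the `secret_*` and `no_core_dumps` names are hypothetical and the password is a constructed sample.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/resource.h>

/* Hypothetical helper type: one heap buffer holding a secret. */
typedef struct { char *buf; size_t len; int locked; } secret_t;

/* A crash must not write the secret into a core file. */
int no_core_dumps(void) {
    struct rlimit rl = { 0, 0 };
    return setrlimit(RLIMIT_CORE, &rl);
}

int secret_alloc(secret_t *s, size_t len) {
    s->buf = calloc(1, len);
    if (s->buf == NULL) return -1;
    s->len = len;
    /* Linux rounds the address down to a page boundary; other systems may
       require an aligned address. mlock can fail under RLIMIT_MEMLOCK, so
       record the outcome instead of assuming the pages are pinned. */
    s->locked = (mlock(s->buf, len) == 0);
    return 0;
}

/* Writes through a volatile pointer are not removed as dead stores,
   which a plain memset() right before free() can be. */
void secret_wipe(secret_t *s) {
    volatile unsigned char *p = (volatile unsigned char *)s->buf;
    for (size_t i = 0; i < s->len; i++) p[i] = 0;
}

int secret_is_zero(const secret_t *s) {
    for (size_t i = 0; i < s->len; i++) if (s->buf[i] != 0) return 0;
    return 1;
}

void secret_release(secret_t *s) {
    if (s->buf == NULL) return;
    secret_wipe(s);                      /* overwrite first ... */
    if (s->locked) munlock(s->buf, s->len);
    free(s->buf);                        /* ... then free */
    s->buf = NULL; s->len = 0; s->locked = 0;
}

int main(void) {
    secret_t s;
    if (no_core_dumps() != 0 || secret_alloc(&s, 64) != 0) return 1;
    strcpy(s.buf, "constructed-sample-pw");  /* constructed sample value */
    printf("locked=%d\n", s.locked);         /* use the secret here, briefly */
    secret_release(&s);
    return 0;
}
```

None of this hides the buffer from a debugger or a /proc/$PID/mem reader while the secret is live; it only shortens the window and keeps the bytes out of swap and core files.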