When reading through this blog entry, I noticed this bit and so did that:
set the xen vnc password ( http://blogs.sun.com/shalon/entry/virt_install_demo )
# Set the prop in xvm which is used to initialize the console password
soe-x4600m2-2:root> svccfg -s xvm/xend setprop config/vncpasswd=astring:\"bacon\"
# Restart xend
soe-x4600m2-2:root> svcadm refresh xvm/xend; svcadm restart xvm/xend
I am not sure whether it is really required. I am uncomfortable that ANY user can read whatever password root sets.