So if you are going to use an encryption algorithm based on XOR, you need proper "random" data to XOR with. Anything else will be exposed.[/size]
That's why I suggested to combine it with compression (and hash the password). Something as simple as run length encoding (RLE) will be sufficient already, it will eliminate any trailing numbers and make it impossible to extract the password.