Well, I'm not sure I even understand it anymore. What's all this about master usernames, profiles, and hiding the advanced dialog?
As I understand it, you simply want the ability to protect passwordmaker.rdf from prying eyes--whether it be by using PasswordMaker when they're not supposed to, or by opening the file in notepad.
If that's the case, I have to agree with a variation on what miquelfire is saying. You should be prompted for a password with which to encrypt the passwordmaker.rdf file. When starting PasswordMaker (assuming you've opted for this option), you'll be prompted for that password--which may or may not be your MPW (that's up to you). If you enter it incorrectly, a new file is created with defaults -- not overwriting passwordmaker.rdf, but perhaps named something like passwordmaker2.rdf. If, however, you enter the password correctly, then the original RDF is used.
The only problem I see with this is that the RDF must remain encrypted on disk. This will have an impact on performance.