I’m not quite sure I get what you’re getting at. If you’re using Cloudflare (for more than just a nameserver), then the client’s browser is connecting to Cloudflare via a Cloudflare SSL certificate. Any password (or other data) submitted will be readable by Cloudflare because the encryption is only between the browser and Cloudflare. They then connect to your reverse proxy, which might have SSL or it might be unencrypted. That’s a second jump done by re-encrypting the data.
How does the reverse proxy help, when the browser is connecting to Cloudflare not to the reverse proxy?