> # steal someone's perlmonks password from there Netscape cookie file
> # they may be a maximum of 10 characters. The password is
> # still unusable, because it is encrypted.

Well, it is still usable - just copy it to your own cookie file and voila! Netscape sends whatever is in the cookies file, it doesn't matter if it is human readable or not. Perlmonks is responsible for doing the decoding. Probably just using crypt anyway :)