Passwords to 99% of websites are sent out over the web in plaintext...remember? If you have access to my network then I'm going to assume that any of my web based transactions are open to you (save the banks and few other websites that have gone secure.)