Forum OpenACS Development: Re: Can question/secret answer be removed from password recovery?
9: Re: Can question/secret answer be removed from password recovery? (response to 1)
Posted by Andrew Piskorski on 08/21/03 08:25 PM
The encrypted password protects against: someone stealing a bunch of passwords and then having access to the site without the real user ever knowing anything happened. And from the site maintainers misusing the password, as Malte pointed out.
Remember people make exports and backups of their database, leave these lying around on various computers, and often probably don't consider the security of that backup nearly as important as the security of their live system. So, an attacker may not have access to the live system at all. If your passwords are stored in the clear, he may have just read all of them from an export of your database.