So I changed how passwords are handled on the site. They used to be dealt with pretty cavalierly and this has been tightened up in a few ways:
1. Passwords are no longer stored in cleartext. Now we store a salted hash of your password, that is, a number derived from your password in such a way that no one can deduce your password from it. It used to be that if you forgot your password, it would actually send it to you in email. Now it will generate a new password for you and send that.
The overall result is that the only time the server actually knows your password is when it generates one for you. And if you set your own password, it never knows it.
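
To illustrate item 1, here is an added example (not the site's own code) of storing only a salt and a hash, checking a login against them, and handling a forgotten password by issuing a new one. The function names, the in-memory `USERS` store, and the choice of PBKDF2-HMAC-SHA256 with its iteration count are assumptions.

```python
import hashlib
import hmac
import secrets

# Assumed parameters; the original post does not say which hash is used.
ITERATIONS = 600_000
SALT_BYTES = 16

# Hypothetical stand-in for the user table: username -> (salt, hash).
USERS = {}


def hash_password(password: str, salt: bytes) -> bytes:
    """Derive the stored value from the password and a per-user salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def set_password(user: str, password: str) -> None:
    """Keep only a fresh random salt and the derived hash, never the password."""
    salt = secrets.token_bytes(SALT_BYTES)
    USERS[user] = (salt, hash_password(password, salt))


def check_password(user: str, password: str) -> bool:
    """Re-derive the hash from the attempt and compare in constant time."""
    record = USERS.get(user)
    if record is None:
        # Hash anyway so an unknown user takes about as long as a known one.
        hash_password(password, b"\x00" * SALT_BYTES)
        return False
    salt, stored = record
    return hmac.compare_digest(stored, hash_password(password, salt))


def reset_password(user: str) -> str:
    """Forgotten password: the old one cannot be recovered, so issue a new one."""
    new_password = secrets.token_urlsafe(12)
    set_password(user, new_password)
    return new_password  # handed to the mailer; not stored anywhere
```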