First the USSD bug and now this. :(
More Details: XDA Developers (via Hacker News)
It only seems to work if your phone is rooted.
If someone stole your (unrooted) Samsung smartphone, they could root it and get the password that way. While the chance of that happening is small, that's not to say it is impossible. :)
Passwords shouldn't be stored in plain text, should they? :confused:
I agree no passwords shouldn't be stored in plain text.
As far as i am aware as i am fairly new to Android, it would give them access to my Google account ?