Nobody on the planet has held the archive in plaintext since CG2.

FORBES: Who Released The Climategate Emails And Why

Mullenweg countered with the fact that all Web applications must either store their database credentials in plain text or keep a plaintext decryption key around somewhere.

FORBES: Wordpress Founder Slams Security Journalists Over Malware Scare

In addition, you should consider avoiding plaintext-password network services: The POP3, FTP, and Telnet daemons pose a special risk because their passwords pass unencrypted across the open network, sniffable by any nearby machine along the way.

CNN: Analysis: Linux security