I just find it unnerving how many apps on the droid market require access to phone identity, contact information, sd contents, etc... If it's an apple app then I wouldn't worry too much about password security, but I typically stay with programs like Trillian or the original programs (Skype for example). These companies have to protect your password and have a larger budget when it comes to Information Systems Security.