Facebook stored millions of instagram and facebook passwords in plain text!
Which is the computer security equivalent of "Inflamable means flamable!? What a country!" - Dr. Nick.
No site should ever know your password. Even the most basic security systems online shouldn't know or store any actual passwords and there should be no way to retrieve a password. Computer systems should only ever be checking to see if your password produces the expected output once run through some maths but the password itself should only ever be briefly seen as the holder types it in, and then obfuscated before sent to the server. Ironically this means team FF running on an outdated hacked VBB can look down our noses at facebook security.