[Plugin: WP Mail SMTP] learn to hide the password value

If you’re concerned about security, that won’t help very much, because the password is still stored in its original format as text in the database (unlike user password which get hashes).

So anyone with admin access to your blog can get to see that password, the simplest method would probably be to just look in the html source for the password field value. And now you understand why the author didn’t bother to use a pw field ??