password security during the session -- what is it?

[Michael Bull]

I've had a question regarding "how secure" passwords are that are in use by 
the IMP server.   As in, after I login and type my password, how is made 
use of / stored? during my session, and what are the security 
implications.  I'm particularly interested in 2.3 -- I've been continuing 
to work through the code to get a feeling of how IMP runs start to finish, 
but any imput as to the best answer to that question from those more 
familiar with the code would be greatly appreciated.

Thanks!

Mike.