Stash email settings fields can inadvertently be populated by the browser with user login details - security issue

The email and username password in the email server settings screen have the same names as the username and password fields when logging in.

This has the unintentional side effect of being pre-populated by your browser if you have left the mail server credentials blank and your browser has saved your login credentials.

Changing another element on the form (in our case, email from), and not noticing the username and password fields have been auto-populated, results in your director's password being saved as the mail server password, and being available to all admins, in plain-text (via inspect source) next time the page loads.

Fix: don't use the same field names (username and password) for the login field and email server settings.

Assignee: Unassigned
Reporter: Joe Bowman
Votes: 0
Watchers: 6

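An added example (not part of the original report and not the product's own code): a small Python audit that checks a settings form for the conditions the report describes, namely field names shared with the login form and a stored password written back into the page source. The markup is constructed, the renamed fields `mailUsername` and `mailPassword` are hypothetical, and the `autocomplete` check goes beyond the fix the report proposes.

```python
from html.parser import HTMLParser

# Field names used by the login form, per the report.
LOGIN_FIELD_NAMES = {"username", "password"}

# Constructed markup: the real settings template is not shown on the page.
SETTINGS_BEFORE = """
<form id="mail-settings">
  <input type="text" name="from" value="stash@example.com">
  <input type="text" name="username" value="">
  <input type="password" name="password" value="constructed-secret">
</form>
"""

# Hypothetical corrected form: distinct names, autofill hint, no echoed secret.
SETTINGS_AFTER = """
<form id="mail-settings">
  <input type="text" name="from" value="stash@example.com">
  <input type="text" name="mailUsername" autocomplete="off" value="">
  <input type="password" name="mailPassword" autocomplete="new-password" value="">
</form>
"""


class FormAudit(HTMLParser):
    """Collects (field name, finding) pairs for <input> elements."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "input":
            return
        a = dict(attrs)
        name, kind = a.get("name") or "", (a.get("type") or "text").lower()
        if name in LOGIN_FIELD_NAMES:
            self.findings.append((name, "name collides with login form"))
        if kind == "password":
            if a.get("autocomplete") not in ("off", "new-password"):
                self.findings.append((name, "no autocomplete opt-out"))
            if a.get("value"):
                self.findings.append((name, "stored secret echoed in page source"))


def audit(html):
    parser = FormAudit()
    parser.feed(html)
    return parser.findings
```

Browsers may ignore `autocomplete="off"` on credential fields, so the distinct field names and the empty `value` attribute are the checks that matter most here.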