Before "anonymous" rushed in, there was an interesting thread going:
wp-config.php and security
I am aware that under *normal* circumstances the wp-config.php wouldn't display in the browser, but what happens if someone manages to find a loophole elsewhere to display the contents of the file. Passwords in clear text on a webserver, doesn't sound like a good idea.
Since WP is now seeing a proliferation in usage through the promotion by large webhosting companies (Lycos just to name one), it would be the right time to think about security again and to see if there is room for improvement.
On the other hand I guess, large webhosting providers wouldn't encourage the use of WP on their servers if it wasn't safe - but better is always the enemy of good. Is good, good enough?