Comment Unable to replicate (Score 1) 135
So, out of curiosity, since I am on a Mac and using Safari as my main browser, I thought I'd see what was in the offending file. I have a in excess of 20 tabs open at the moment, a good deal of them to authenticated sites via https.
A quick test in Terminal like so:
$ strings LastSession.plist | grep -i pass
Produced 8 lines that matched, of which 6 matched on the word "passive" and the last two were urls that contained the word "ChangePassword". A more thorough search through the file did not produce any login credentials or passwords.
I should point out this is with the latest release version of Safari 7.0 (9537.71)