In some respects yes, in others, not so much. Think about a corporate setting where within the context of an office people might leave their machines accessible on a regular basis. They go off to lunch, leave their laptop at their desk. Anybody can now go and grab their laptop, do a hard reboot and extract the passwords. Conveniently, a lot of people probably have filevault passwords that are the same as their network passwords. Now you have another user's network passwords and can do a whole bunch of things on their behalf.
How on earth is it okay, in 2016, to store plaintext passwords for a file encryption tool?
The other potential exploit for this is to bake it into commercially available Thunderbolt 2 devices. Bribe a janitor to leave stick 100 crafted VGA dongles in meeting rooms of the company you want to infiltrate and have the device send passwords either over the network or via some wireless protocol.