A few days ago I was reading a blog (And I forgot what blog!!) with information that the ApplicationPool password was stored as plain text. If you don’t believe me: check the screenshot below:
The password is as well accessible via the objectmodel, when runnin under elevatedPrivilges..
Lessons learned: Always try to have a least-privilegd installation for your SharePoint farm!