Suppose I have a web page where I enter in my username and password. How is my password vulnerable to a hacker if I do not encrypt the password? If the hacker were to gain access to my actual PC then he could examine the source code of the web page and then see what my password is. Or through shoulder surfing, That is the only scenario I can think of where my password could be visibly seen.
If not, what other methods could a hacker use to find out my password if the hacker does not have actual access to my actual machine? Also suppose that my database is super secure and that the hacker could never hack my database? Furthermore suppose my website can be viewed on the internet or can also be set up as an intranet application.