I carry my password.rdf file on a USB stick. With this I can fill in the Javascript PWM when not having access to my FF profile (internet café, office...)
In password.rdf, the user name is in clear. For those sites where I had to use an Advanced auto-populate password field (typically those that don't let you change your password online), the password is encrypted (as it should be).
It would be nice if the Javascript version would allow to decrypt an Advanced auto-populate password.