Good day,
Hackers are all around but so are people fighting them. Just like cops and theives
Theives are there as well but we trust the law enforcement people. That trust also is a base of some assumptions in the IT world.
The automated password are store on your computer and generally in an encrypted manner such that only the host application should be able to decrypt them. But then, for your convenience again, some softwares save them "normally", plain text and don't hide them in the "password please" boxes. This is based on the assumption that only you will be accessing your computer at your home (or office).
As for hackers accessing your computer and stealing password, unfortunately I admit it does happen. But not if you're careful enough not to disclose passwords in any email or chat transcripts and/or your internet connection is protected at the periphery, using a moderately secure modem or router. But then, It's a windows world, and even the Whitehouse accuses China of hacking! If indeed, you suspect the passwords have got stolen, you can always change them or get them changed via support department.
So, Nothing to worry about.
Password changing frequency depends on many factors. How secure is your content, how many different people access your content (with how many people have you shared your password) etc. It also depends on the password policies of the webhost in some cases. They force a change every n days. One of my
website hostings, I have not had the need to change my password for 2 years. On yet another, i have changed at least 6 times in three months. The one where I had to change often, is used by sales team and the staff keeps joining and leaving on that part. As per our HR exit policy, we have to change all passwords when an employee leaves.
Hope that is not burdening you.
Regds
IJ