Wondering the reason for emailing passwords in plain text.

barbnooch - June 29, 2009 - 15:58

Hello,
I just created a user in my newly installed instance of Drupal. I chose the option to have it email me (as a user) a notification. I did a double-take when I noticed that it sends the password in plain text in the email.

I always have a moment of panic when sites I sign up for do that. I'm just wondering (and always have) what the argument is for doing that rather than 'suppressing it' or just leaving it off altogether. It seems to me that it's a pretty big security risk to be emailing passwords in plain text...isn't it?

Any enlightenment would be much appreciated. Thanks!

steve02476 - July 1, 2009 - 01:21

I agree, that gives me the creeps.

 
 
