They are in plaintext. You need to go over the little dots that obscure it and click them, then click on "show".
This isn't really the dangerous part though, the browser does need to save off the plain text somewhere so it can log you into sites. However having the browser save them in the first place bad because...

The dangerous part is that they are saved out to your harddrive without encryption and also in your google account unencrypted, and evidently the google account of anyone who "logs into chrome" from your browser if you don't log into chrome yourself, according to that link.