Just submitted to Apple as a bug, rpetrich (developer of the ActionMenu packages in Cydia) discovered
an interesting security bug in the iPhone firmware.
If a password is inputted in a field, shake to undo, and you will be able to see the character you are deleting. Simply repeat this for every character, and you have the password.
Obviously this isn't an issue that would be useful for those with a criminal