Generally, passwords in Sitefinity are stored in an encrypted form. An irreversible algorithm is used (one-way), so the "hashed" value is stored in the database. This is the general approach for saving passwords in a database. Therefore, there is no way for the admin to know your password, all he/she can do is reset the password and send you the one he/she used. In sitefinity, the process is automated (e.g. the password is auto-generated) and a password reset is done via a button click.
As for your last question, we are inheriting this functionality from the standard asp.net membership provider. We relay on asp.net to handle this.
All the best,
the Telerik team