Well, email is a lot more secure since SSL (https) started to be widely used, this encrypts the traffic so attempted "man in the middle attackers" just get a load of unreadable junk when he tries to intercept.
I'm a member of that forum myself, and you are not the first person to point out the potential problem with this, the topic has been gone over a couple of times over there (on Avast! forum) in the past.
So, in short, is email safer than it used to be? Yes, by far. But is sending passwords via email still an unneeded risk? Yes to that also. But again, much safer than it was. Good on you for even being aware enough to notice though, most people do not even think twice about it.
One of the first things my ex, the IT guy, taught me about computers is that email is not secure. Consequently, I never send any sensitive info, such as credit card numbers, by email.
I'm having a problem with Avast suddenly declaring a forum page I read and post on daily contains malware, and denying the service. This has been happening on Firefox, my primary brower, then again on Chrome, when I tried to access it through that. I get regular email updates from that Forum whenever there's a new post , so I know that others on the site are continuing to access it without problem.
I went to the Avast website and registered, as required, in order to get help with this issue. I got an email back confirming the registration, with a link to activate the registration. Lo and behold, this email contains my user name plus my PASSWORD, spelled out completely for all the world and any hacker to appropriate.
I can't understand how a company that specializes is web security could be so stupid. Or have things changed since, making email very secure?