some sites, like yahoo also md5 passwords using javascript in the browser. In that case, a grabbed md5 password might be useful if u disable javascript or bypass the hashing but in yahoo's case, other checks are performed to prevent this.