Mozilla stores passwords in an encrypted database, different from the open one for bookmarks and form filling. The first time you go to a page that needs a password from the database, you are prompted for the master password to the database. It remembers it for a while, I think Mozilla lets you set how long it lasts, Firefox is per-session.

This is the only way to do it if you are going to have lots of different passwords for lots of web sites. You can't possibly remember all those or tape them to your monitor. (They are working on better ways to roam with it.) Of course you must choose a good password for the master password. And, if paranoid, you don't keep the most secure passwords (bank) anywhere but your head.

Of course, spyware could snoop on you typing the master password, or typing the only-in-head bank password. The only truly secure system would be a dongle that talks end-to-end encrypted to the bank, with dongle password to boot.

However, the main point is, deep bookmarks are exactly as secure as the existing system with the browswer remembering passwords, no more, no less.