I haven't had time to dig into this further.
On reflection, while hashing prevents a "curious" workmate from learning my email account password, in my use case several users have root.
Such a user could just su into my account. The hashing prevents learning the password but cannot prevent rogue behavior using my email account. I don't expect that to happen but we don't have good auditing configured on our systems. Yeah, I'm pushing tinfoil hat territory here.