A lot of the time sites just use the password that came with their account, which is generally one that has passed through a random password generator; in fact, when creating a new MySQL user account there is a generate button that does just this.
It does look random enough to make one think it may be encrypted or encoded at first, I totally agree.
