I noticed that when I added the FogBugz RSS Feed to my iGoogle page I had to embed my username and password in the feed URL. So are there any security risks associated with doing this?
EDIT: Yes, my question should have specifically stated https and whether or not the query string portion of the url is encrypted.
If it's not a HTTPS url then yes.
If not it doesn't mean your account has been compromised yet but you're sending authentication information over an unencrypted channel... you're asking for it.
If it is HTTPS you're fine. HTTPS urls are encrypted.