So how is it actually possible that Wireshark can capture passwords? That’s because some network protocols do not use encryption. Such protocols are called clear text (or plain text) protocols.
And since clear text protocols do not encrypt the communication, all data are visible to the naked eye, including passwords. Anybody who is in position to see the communication (e.g. man in the middle) can ultimately see everything.
Following table lists some of the most popular clear text protocols still being used today and also some other protocols which allow clear text authentication: