Web Hosting companies asking for password in plain text
Being slightly in the hosting business I realize what you mean. To put it simply, it is extremely bad practice to ask clients to give their passwords in plain text but all companies do it. They either ask the full password or simply a few characters from the end.
My point is that, at some places like dedicated servers it's impossible to provide support without asking for the admin/root password in many cases, then again for shared servers the support should able to get right in with their own accounts.
I'm assuming at the least that he used your password to compare it to a stored hash, but security procedures can be flawed in many such hosting companies. I say this definitively because I know that cPanel, Plesk, etc do not store passwords in plain text, therefore he'd have no way to just "read" it.
You should however change your credentials every time you contact support. You should also write about this on an open forum so that the host takes a good initiative to prevent such malpractices as they can easily use a secondary question answer or a phone call, etc to verify one's identity.
Usually the hosting providers shouldn't ask for the customer personal details( like passwords for control panel , admin panel or FTP) via live chat. This information should be provided via tickets to and from the customer contact email address which he previously used to register with the hosting company.