Liability of knowing client passwords

What passwords are you willing to ask clients to give you?

Certainly it is fine to ask them their webhost password.
But what about PayPal password to configure their paypal shopping cart?
What about their credit card number? Do you ever ask them for that? In case you need to upgrade their Yahoo hosting plans, etc.

I hate to ask these things from clients. Because if there is fraud on their card, or if their PayPal account fall short, they are liable to blame you. What is a web developer's liability in this case? Can we be sued if their account falls short even if we are not the cause of it?

But the alternative to not having access is that I have to type out long instructions to "teach" them how to configure or purchase these things themselves. And it is a pain for both me and the client.

This is my nondisclosure clause in my contract:

39. Nondisclosure The Developer its employees and subcontractors agree that, except as directed by the Client, it will not at any time during or after the term of this Agreement disclose any Confidential Information to any person whatsoever. Likewise, the Client agrees that it will not convey any confidential information obtained about the Developer to another party.

This clause covers any issues clients have with releasing confidential information. If they are a client who does not trust me in the first place, then why did they even hire me?

I've seen that before; stock TOS ya?

If the client gives you a super confidential password to do something and then DOESN'T CHANGE IT AFTER YOU'RE DONE... geez... Maybe that's the way you handle it, ya? Tell them to go ahead and change their password before and after you do your work?

On a side note, places like paypal are heavily audited and insured against fraudulent activity. Don't sweat it. Just be honorable with all your customer dealings and all will be well.