Let's see if I can start a firestorm here. :)
This has always been a debate on the forums. Coming from a security background, I understand the concerns and have always told everyone best practice is to not use their secure passwords on a GUEST network.
But... the main thing that is always brought up is "that those are guest accounts" and if it was a concern then the admins should force employees to use a secure connection where the passwords reside on the AD or backend source and deny access to the guest SSID, which can be done with ClearPass.
If the admins are only managing guest accounts, then you can set it up so they can only connect to the guest side, with no access to passwords set in their profile. That is one of the advantages of having two separate interfaces.
This has been talked about with engineering and a feature request has been filed.