To answer your first question: No, that's not ethical at all. The way I understand encryption of user's passwords is that not even the admin can access your un-encrypted password. The admin can see your encrypted password in the database, and that's it. To answer your second question, I wouldn't deposit anything until I made sure what's going on with your password, account, and with the exchange in general. Be careful and stay safe.