APOP is just new a command added to the standard POP3, which does not transfer the password in plain (e.g. with USER and PASS commands) but digest based. Later better authorization was added with the AUTH command, similar to how it is done with SMTP and IMAP. All these ways to not use encrypted passwords, but at most hashed passwords which often required the POP3 server to know the cleartext password to verify the send password.
Better is to use POP3 with TLS, e.g. either starting with a TLS connection (POP3s) or upgrading an existing connection with the STARTTLS command before doing the authentication.