Assuming you save your passwords on your iPhone (iPod touch and iPad as well), you don’t remote wipe it and assuming the person who finds it is a pretty astute hacker, you may want to reset your passwords.  PCWorld details how an iPhone can be jailbroken and give up passwords in just 6 minutes.

The attack, which requires possession of the phone, targets keychain, Apple’s password management system. Passwords for networks and corporate information systems can be revealed if an iPhone or iPad is lost or stolen, said the researchers at the state-sponsored Fraunhofer Institute Secure Information Technology (Fraunhofer SIT).

It is based on existing exploits that provide access to large parts of the iOS file system even if a device is locked.

Maybe Apple should make remote wipe a free option.  Oh they just did!