It also makes you wonder how they know what the third, fifth, or seventh characters of your password are...

I suppose they could create multiple hashes each time you change your password, but I'm not optimistic.

My UK bank requires a password and a separate secret phrase that they do the letter selection from. You need to supply the password and 3 letters from your secret phrase.

As my phrase is quite long I pretty much always end up writing it down or using an editor.... :-)

I have a lookup table in 1password as my brain can't work with indexing random strings with numbers in them easily

I suspect it may be more related to being keylogged or an equivalent, and not revealing your entire password in the process.

It's more than likely plaintext or "encrypted" (and decrypted to check if it's correct)