Free universal instant messaging client.
Pidgin stores your IM account passwords in plain text. You can avoid this by (1) not saving your password in Pidgin, (2) encrypting your file system, or (3) storing your Pidgin password securely with the Debian package pidgin-gnome-keyring.
Pidgin with OTR and dbus enabled has a local security bug. See the upstream bug report for more information and possible workarounds.