No, it's not strange. There are a few explanations as to why this didn't work:
- Your host is not using Apache or another web server which supports .htaccess files.
- Your host is using Apache or another web server which supports .htaccess files but has turned off .htaccess support for your account (or even the entire server).
In both cases the .htaccess files are silently ignored. This is why we worked on an improved solution that uses .php files to store the configuration data. Even if you try to access them directly they will divulge no information. So, the only thing you can do is wait a couple more days for us to prepare the new stable release.
BTW: Your site is at no risk, despite the warning. Akeeba Backup for WordPress doesn't store passwords in that JSON file (or at least: it shouldn't!). However it shares most of its code with Akeeba Solo (standalone) which does
store passwords in that file. The warning should only be shown in Akeeba Solo, not Akeeba Backup for WordPress. Well... there were a few good reasons we labelled that release as "beta" :)