It's not out of the question, there are other ways though, depending on what your ISP offers.
If you have a good ISP with shell access, you may be able to provide him with ssh access instead of ftp. (files can be transferred using sftp) But, this depends on how your ISP is set up. (I actually prefer working with SSH over ftp) this is dangerous and may or may not involve giving him access to your email. (depends on where/how your ISP does things)
The other thing you can do is have the web person design everything on his/her development box and ship you the files, where you install them yourself. This is some-what technical and you may have to pay extra for tech support, but if you don't want them to access your FTP settings, it may be a good idea.
Finally, there are "shell tools" that a person can use to access your account w/out your FTP password. This is kind of dangerous, but you could install it for him/her and then they could use that to upload stuff. (and change file permissions, etc..) depending on the nature of the project, this may take more time. (I've had to resort to this in some cases where I needed shell access on a host that doesn't provide it)
Keep in mind, this person probably doesn't want access to your account any more than you want them to have access. Logging in to someone elses account is really something a professional would prefer to avoid doing whenever possible.
In any event, one thing you absolutely MUST do is change your password BEFORE giving it to this person and then change it back when they're done.
The trick is to change it before giving it to them.
Also, don't send it through email - I've actually seen accounts get compromised by emailing passwords. This is was a serious problem for me, as it actually appeared as though I had compromised the system.
These days, I've opted a policy where I refuse to login to any account that has had its credentials emailed to me.
Change your password first and do NOT send passwords through email channels.