I wanted to look at my cable internet e-mail last night. I have not used it in over a year, and forgot the password. I hit the "forgot password" link, and it let me pick a new one by answering one challenge question: where was I born. This seems insanely easy to figure out for a hacker.
I have set up two factor authentication on my Gmail account, and am also playing with LastPass. It is probably worth the $12 a year. I have been switching everything to strong passwords and using special characters when possible, but not all sites allow it and it is becoming unmanageable. Add in a new job that has added another dozen or so passwords to my life and it is worth the $1/month.