Today I got an automated email from the forum server saying I'd been locked out of my account, after repeated failed attempts to log in under my user name. Not my doing, and not a problem to me - but thought I'd flag it as just a reminder to everyone else: If your password is weak/simple or, worse, associated with other log-ins you possess and use on the web, do yourself a favour and change it anyway. Using several memorable words together (eg distinct/odd/short plain text but memorable phrase) is much stronger - more entropy - than wasting your time trying to remember 'special characters' or numbers of course.