[powatom]

True - but you can add an additional layer of security to the password reset request if this is a concern, such as personal questions.

[gpvos]

Using personal questions for security is the worst thing ever.

Whenever I encounter them, I paste the output of "dd if=/dev/random bs=1k count=1 |uuencode x" into the field.

[iopq]

If you can use Facebook and Linkedin to hack someone's bank account you know that this is a bad idea. What's that, the make of your first car and the name of your first boss are actually freely posted on the Internet? You don't say.

[6d0debc071]

I can never remember the answers to those damned things.