A week ago a company we work with did what most IT managers would call a big no no.
This company we had been working with needed to reset the password to our email back up log. They sent me the reset password only to find out that their programmer had set the password to password. How dumb is that right?
Anyway speaking of passwords one way hackers can access hints to what your hint question and answer maybe is looking to see if you have a myspace or any other web 2.0 profile.
Just be aware that any information online is fair game. Stay safe.