If you only have a 5 digit password, well, you deserve to be hacked. Why not just have at least a 10 digit password? You get a HUGE jump in security. I just used a random password generator for mine and memorized it; I even cycle through my passwords every couple of months. Keep your recovery questions up to date, have a bank pin that isn't 1111, and you should have plenty of security. That is, as long as you don't get keylogged, etc. But even then, you should be able to recover your account for whatever reason. If you are extra paranoid, you can even bank all your valuables before you logout in case you do get hacked. Just the other day I logged on and someone had apparently "guessed" my password (really no idea how they got on my account) and tried to cancel my bank PIN. Luckily I logged in and cancelled the cancel before it canceled (lol). I ran some malware/spyware and virus scans, changed my password, my bank PIN, updated my recovery questions, and I was once again as secure as I could be.