Concur, but not concur, not when it doesn't matter what your password is when you visit digg.com to look at Grand Torino screens, to find later your gmail has been accessed from China, because of a recent .php hack, and finally conclude that digg.com is an infestation due to its very nature of anyone being able to leverage a malicious page to a top site.... A hack where your very strong password was plainly attained on the other side of the globe, but thank god the email account you accessed at the time was your trash one....
When you have an em-effing strong password, and your only error was using Windows, because that's where you play wow, and thank god you're using the authenticator, and you setup separate linux boxes to do sensitive work on, and now you're doubling your spending in computing: one for fun one for work, and you realize your wife's ipad is more secure than anything for fun and leisure, and she beats the hell out of surfing on it and you have no fear, but it sucks and you hate it for yourself with a gd passion....
Yea, used to be users were the weakest link, not anymore....
Basically, wow is now the most secure thing I do bcs of the authenticator. I'm putting my entire family on it. I plan on having them bank there and email there, etc. I can see it now, calling my sister, "mom got killed on the way to the bank...." Sister: WHAT?!?!?!?