Before I got an auth'er, I once logged into the armory app on my iPhone over an insecure wireless. Yeah, stupid, I know. My account was compromised shortly after. A couple weeks later, I got it back, intact to the way it was before the hack.
Now, I have a password I don't use anywhere else, a mobile auth'er (that I changed the serial number on after I read about this breach), and I have it set to *always* require the auth'er to log in. Now that whatever mobile auth'er info they got regarding my account is useless, I should be relatively okay.