I just had a plugin database discrepenacy where I needed to get a new password cause well I lost it :). So I did the normal lost password stuff. And then I thought if anybody knew my email and my login name (or that matter any user) they could access my account as an admin. This is not good.
Is there a plugin out there that would require a secret word to be entered prior to retrieving a password?
Or am I just worrying over nothing?