If you trade more than $150 USD it is worth it to invest in a Yubikey, IMHO. I have other issues with MtGox, but getting hacked is the least of my concerns.
i don't have a yubikey, but my password is something similar to jfdsaMFDasjm#R$MnVMXCL:m43mMVL:XJOP%$#mvc
Thats not enough for alot of attacks. You need to use 2-factor authentication