Just a warning:
15 minutes ago I received an email from Mt. Gox with a requested password recovery link. Thing is, I didnt request this.
I now tried to log into my account with my old pw and it doesnt work.
I have 2-step turned on on gox AND my email account and nobody has access to my email account anyway.
This is at least strange and I just wanted to send this out as a warning.
Same on my account, wtf is going on?
Someone's probably trying a mass hack with a large list of usernames and default / commonly used passwords.
I've come across this before on different systems and it can lock out lots of legitimate usernames.
Something I do is use a long random username and password. It would be impossible to guess my usernames based on a dictionary attack.
I also use 2 Factor auth which is a 100% must on any Crypto related site.
One other thing - never use the same username / password on more than one site.