well, my passwords (rather the ROT(n) versions of them, which i changed)
were "gafa973p3l5h7" to login and "txtxtx18" to withdraw. Granted these may not be award winning passwords, but they are not THAT easy to hack, are they?
I'm not an IT security professional. But I try to fully digest anything related to the topic that I come across. From everything I've encountered, that second password probably isn't very strong. Only eight characters, consisting of a simple, repeated lowercase pattern and two digits on the end? I wouldn't trust it; I would think any reasonably-sophisticated password-testing algorithm wouldn't take too much time to stumble onto it.
Actual IT security professionals, feel free to corroborate or correct....