You should make the mechanism of recovering lost account more automated. And you should make the rules clear for everyone.
It took me 6 months to finally find this:
https://bitcointalk.org/index.php?topic=497545.0Why don't you just add this info under the "forget password" page?
It would be a good idea to sticky that thread IMO.
You "moderators" should be aware that it seems in December 2013 multiple accounts been hacked by the same hacker. This is too dangerous for bitcointalk.org users/community.
Did you use the same password on some other sites as well?