Thanks for the advice about better passwords. You mentioned that one hacker has built a device for brute force cracking, which can try 350 billion attempts per second. Why don't our banks etc build in a short time delay, perhaps 10 milliseconds, for any authentication? The hacker has to go to the site where they want to carry on a transaction and be recognized as a user, in order to benefit from having the password. If he could find where the site stores a password for the user that he is trying to attack, he could just read the password from there; instead he has to follow some procedure for doing business on the site and see if the trial password unlocks the gate. That login procedure is totally under the control of the site owner. If a hacker can follow some other procedure that compares a trial password to the stored password, then that is the flaw in the system and we should be able to eliminate that. So, brute force and dictionary guessing should not be effective.