2. Doesn't the "three strikes and you're out" rule followed by many, if not all, (e.g.) financial Web sites means that a hacker would have to crack a password in a non-secure location, i.e. your own machine?
Do a YouTube search for "hack website" and you will find any number of tutorials on different techniques for hacking into a web site. Some of these tutorials are an hour or more in length so I didn't wade through all of them but from what I did see, "Three strikes" did not appear to be any obstacle at all.
