<-- happy he doesn't use an authenticator
Uhm... Without an authenticator, any plain old keylogger can get your account info.
With an authenticator, it is VERY rare to get hacked (maybe a handful of like 10 people with authenticators versus tens of thousands of people without authenticators have been hacked across the years). I'm not sure why you would be happy to not use an authenticator.
This old (March 2010) post addressed a security issue that actually hasn't been a problem lately, since they have changed how authenticators work like twice since this old thread was posted.
Not having an authenticator simply makes you less secure than having an authenticator.