According to reuters, security experts apparently got 4466 passwords when they started monitoring an isp’s network (with permission). Now if you ask me, that either means they don’t have a lot of customers or the experts weren’t very good. If you have access to sniff the network on an isp I would have thought you would have got a lot more passwords. After all, pop3 usernames and passwords are sent in clear text and that is what most people would be using to retrieve their email. Just goes to show that you really shouldn’t use the same password for everything that you need to access.