I wonder if a better system of account access could be made. Like banks, where you have a "known" computer, like in your house. It has a fingerprint stored (don't know what they store though). You can even have 2 or 3 known computers stored. If you are not at a known computer, you have to answer personal security question before you can even enter a password. Since all these bots are not at the known computer, that would stop them from even getting to the password screen.