Yes as it stands you can use a computer program called a brute forcer to "guess" passwords for you. As long as you know the user name almost anyone can be hacked. Some older (naive) players probably have their username the same as their mains name or close and it would not be hard from then to brute force their password as long as it is either a common one, a name, a proper noun, or something found in the dictionary. If your current password is any of those, change it now.
Now, I don't know too many people who have the capability of using a brute forcer designed to guess CH passwords utilizing a iPod/iPhone screen viewer who would even care enough to target CH accounts, but it is possible.
Also remember to keep your email secure in the same manor! People do not realize how important an email account can be, but if they know your email account password than they can pretty much reset most of your passwords using your email via the "I forgot my password" feature in so many different things. Imagine something like your paypal account being recovered in this manor, especially if paypal is linked to your bank account. This can be serious stuff and truly shows how dangerous an easier password can be to have.
My suggestion if you have a hard time remembering passwords so use the same one on everything is to use a root password and add extra for each website.
For example, if your password is XBCH6270 and that is all you remember, for facebook use FAXBCH6270 for ebay EBXBCH6270, for gmail GMXBCH6270, or something similar, ending with last two or three letters of website name etc, lots of different things you can do.
Good luck, stay safe.