And then there's always the Mitnick trick of simply "social engineering" it out of someone. That seems to be the easiest way to get a password.

From what I know they either
1. Got your password from an admin
2. Are a friend of yours that had your password for awhile but just got pissed at you for one thing or another
3. Asked you for it
4. Cracked the login page
5. Used Brute Force and spent all day guessing

My best bet would be to go with one of the first three. An HTML group most likely isn't going to have profficent experts in C++ or any other programming language that's not web based. I would suggest simply changing your password, letting the admin know, and moving on. Don't know that you can do much more. peace