Given the way Startcom operates, that could become expensive quickly. Since your private key is your gateway into your account (Why they went with this method instead of requiring a sensible password is beyond me, it's one of the reasons their site is a huge pain...), theoretically every certificate you own is compromised, and therefore you'd be out $25 for each one.
