There could be a flaw in your Website's Script.. the user may be usin a Sql Injection.. they can't hack your password if your not using a html site..
Hmm did you just advertised about your site (with a lot of adsense on it) ? OnTopic: Hmm I dont know. Are your site based on a special CMS? Some of them are ?vulnerable?.. If so, try to upgrade to the latest update available.
What exactly are the doing to make you think you're hacked? logging in and removing databases? Overwriting files? injecting code? putting up paypal/boa/egg/ebay/etc... phishing sites? Attacking other servers using your website? Everybody seems to be pointing at your script or passwords, but really it is impossible to tell with no example.
If you don't know how to fix it, i can help you. I think hacker installed backdoor in your hosting, please check it now.