If there is no user name called "sbinstall" that's fine.
If you're an extremely security conscious type of person
you can check in cgi-bin/sblogin/config.pl and make sure
it's not listed under $adminusernames also.

The thread on GFY can be summarized as:
A webmaster was pissed at another webmaster named Jono.

The pissed off webmaster searched the password forums and
finally found password that worked for the Jono's site.

The pissed off guy tried to rip Jono's site, but couldn't because of the basic ripping
protection that Strongbox has as a minor bonus feature (actually a side effect
of some other security). The automatic built in ripping protection is such a minor
little feature that it's not even mentioned on the Strongbox features page. (What
IS mentioned is that Strongbox is designed to work well WITH ripper protection systems.)

Although Jono hadn't added the spider trap links that Strongbox can use to
enhance the protection, even the automatic "side effect" ripper protection was
good enough to stop a basic ripper program.

The pissed off guy wrote a custom program to get around the simple automatic
ripper protection in Strongbox, using the password he had for Jono's site.

So none of the security features designed into Strongbox were hacked in any way.
It just happens that Strongbox makes it harder to rip a site even if you don't add
the links that I suggest so the guy had to write custom software to avoid being
thwarted by a feature that doesn't even exist.