It is if you forget your password and ask to reset it. An activation key is sent to the admin email address. If you click the activation key link in the email, the password will be reset with a random password that is sent to the admin email so you can login again. If someone attempts to reset the password without your approval, you just need to ignore the email link and sign in again, which will clear out the activation key.
what do you mean "connecting the database directly to somone else"?
If you are attempting to reset your password, you need to enter either the correct admin username or the correct admin email address (which are included in the database already during install) to get anything to work. If those are correct, an email is automatically generated and sent to the admin email address with the activation key and a link back to your Plogger installation for the activation.
Nowhere in that process is a database query available to a user who has stumbled across your admin section. They submit a form, the script grabs the username data from the database (hard-coded query), and compares it to the submitted form data.