One of the most common hacking methods is called social engineering; a hacker relies on a human to give a password. You may get a call from someone claiming to be a representative of your ISP. He may tell you that in order to determine whether there has been a security break in your account, he needs to know your password. Or you may receive a call from someone who claims that he is an employee of your organization, and that he is about to leave on an airplane and he forgot his password. These situations are not uncommon; get a name and a contact number for the individual and check up before you give any information out.
Never give your password out over the phone.