After reading this post on password recovery, it turns out that if you don't log into your secondary email address, it could expire. This is pretty obvious, however we don't really think about this very often. It also poses a security risk, since if say your old account expires, but someone else comes along and registers it, they can do a password reset on your current email account. And if they control your current email account, they pretty much control your online identity.
So if you're using Gmail, maybe it is a good idea to update your alternate email, and make sure that you can still log into it. It turns out that my alternate email was my Bishop's email, which is no longer available. The instructions for updating your alternate email are here: http://mail.google.com/support/bin/answer.py?hl=en&answer=6566
One thing I noticed is you can put your phone number in to SMS your password reset code to you. Does anybody know if this is a security risk or not?