
A question to people who have more active crypto knowledge than I do:

I have a 13 character password with letters, numbers and punctuation. I also seem to have one of the salted ($1$) passwords.

How much in trouble am I really?




Are you sure it's salted? $1$ just seems to indicate that phpcrypt used an MD5 digest. If I were you I would do an MD5 digest of your password and compare it to see if it was actually salted. Considering it's MD5 and your account may potentially have monetary value, I wouldn't hesitate to change all accounts using that password.


Several months, I think, according to this: http://www.lockdown.co.uk/?pg=combi

The article is 2 years old. There are botnets that I presume could do ~50 billion/sec now (number pulled out of my ass).


A single machine loaded down with four high-end cards can do 4.5 GHashes/s, so an army of bots could easily eclipse that.


The G means Giga, as in 4.5 Billion? I haven't seen it used that way before.

I believe bots are unlikely to have four high-end cards though, due to my assumption that the nature of bots comes from weak users and therefore weak computers.

Do you have a source for the capability of particular capacities to find passwords, including botnets, like my link?


13 characters is good. Letters, numbers, and punctuation are good. But note that "abigp4ssword!" qualifies under your rule. Any dictionary terms, even with l33tspeak encoding, will weaken it.

The salt is the part after the $1$ and before the next $. If that's more than a few chars, you should be safe until you can change it to something completely different immediately, and don't use it anywhere else.
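As an added example (not posted by anyone in the thread), the script below does the checks the comments describe in code: it parses a stored hash in modular crypt format (`$1$salt$hash`), reports whether a salt is present and how many bits it carries, runs the "plain-MD5 your own password and compare" test from the second comment, and works out the worst-case exhaustion time for a 13-character password at the two guessing rates quoted (4.5 GH/s and 50 GH/s). The sample hash values and the 95-symbol alphabet are constructed assumptions, not data from the thread.

```python
import hashlib
import re

# Modular crypt format: "$<id>$<salt>$<hash>". "$1$" is md5crypt, the format
# the original poster says their hash is in. Only a few common ids are listed.
MCF_RE = re.compile(r"^\$(?P<scheme>[^$]+)\$(?P<salt>[^$]*)\$(?P<digest>[^$]+)$")
SCHEME_NAMES = {
    "1": "md5crypt",
    "5": "sha256crypt",
    "6": "sha512crypt",
}


def inspect_hash(stored: str) -> dict:
    """Classify a stored password hash and pull out its salt, if any."""
    m = MCF_RE.match(stored)
    if m:
        return {
            "format": "modular-crypt",
            "scheme": SCHEME_NAMES.get(m["scheme"], f"unknown (${m['scheme']}$)"),
            "salt": m["salt"],
            "salted": len(m["salt"]) > 0,
            "digest": m["digest"],
        }
    if re.fullmatch(r"[0-9a-fA-F]{32}", stored):
        # 32 hex characters and no prefix: almost certainly an unsalted MD5 hex digest.
        return {"format": "hex", "scheme": "plain MD5", "salt": "", "salted": False,
                "digest": stored.lower()}
    return {"format": "unknown", "scheme": "unknown", "salt": "", "salted": False,
            "digest": stored}


def salt_bits(salt: str) -> int:
    """md5crypt salts use the 64-character './0-9A-Za-z' alphabet, so each
    character contributes 6 bits (an 8-character salt is 48 bits)."""
    return 6 * len(salt)


def matches_unsalted_md5(stored: str, password: str) -> bool:
    """The check proposed in the thread: plain-MD5 the password you know and
    compare it with the stored value. A match means the hash was never salted."""
    info = inspect_hash(stored)
    if info["format"] != "hex":
        return False
    return hashlib.md5(password.encode("utf-8")).hexdigest() == info["digest"]


def brute_force_years(length: int, alphabet_size: int, guesses_per_second: float) -> float:
    """Worst-case time to exhaust the full keyspace at the given guessing rate."""
    keyspace = alphabet_size ** length
    seconds = keyspace / guesses_per_second
    return seconds / (365.25 * 24 * 3600)


if __name__ == "__main__":
    # Constructed sample entries (not real leaked data); the 22 'x' characters
    # stand in for the md5crypt hash body.
    samples = {
        "md5crypt": "$1$ab3D/eF0$" + "x" * 22,
        "plain md5": hashlib.md5(b"password").hexdigest(),
    }
    for label, stored in samples.items():
        info = inspect_hash(stored)
        print(f"{label:>10}: scheme={info['scheme']}, salted={info['salted']}, "
              f"salt={info['salt']!r} ({salt_bits(info['salt'])} bits)")
    print("plain md5 matches 'password':",
          matches_unsalted_md5(samples["plain md5"], "password"))
    # The thread's numbers: 13 printable-ASCII characters (95 symbols, assumed)
    # against one 4-GPU box at 4.5 GH/s and a hypothetical botnet at 50 GH/s.
    for rate in (4.5e9, 50e9):
        print(f"95^13 keyspace at {rate:.1e} guesses/s: "
              f"{brute_force_years(13, 95, rate):.2e} years")
```

Two caveats the numbers hide. The exhaustion time is for a password drawn uniformly from the whole alphabet; a password built from dictionary words and a leetspeak substitution, like the "abigp4ssword!" example above, lives in a far smaller space that wordlist and rule-based guessing covers quickly. And the GPU rates quoted in the thread are for a single MD5 computation per guess; md5crypt runs 1000 MD5 rounds per guess, so a correctly salted $1$ hash is roughly three orders of magnitude slower to attack than a bare MD5 digest, which is why the "is it really salted?" check matters.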



