I had one of my passwords compromised from some random service six years ago, and since that I use a password manager. Every account I own (the ones I remember, BTW) have unique, random and very long passwords (70 chars or more). So if one leaks, I just change one.

No matter what password manager you use (I have Enpass), you will have almost unbreakable passwords. And subscribe to Have I Been Pwned (something like that), so you are informed when the password or hash you have is seen somewhere.

On Sat, Aug 4, 2018, 10:24 D. Hugh Redelmeier via talk <talk@gtalug.org> wrote:

| From: Mauro Souza via talk <talk@gtalug.org>

| Don't worry about this kind of email. It's a know scam.

The email proves that my password is in the wild. In no way does that
prove it won't be used in other ways.

As I said, I wasn't worried for my own security (except as regards
my Canada Computer account). I did change my CC password and checked
for scary activity on that account. (Come to think of it, I didn't
check if "I" left spammy comments or reviews on their site.

I'm worried for all other Canada Computer account holders, some of whom
are less careful about reusing passwords.

I'm worried that Canada Computer is not acting responsibly when informed
of a security problem.
---
Talk Mailing List
talk@gtalug.org
https://gtalug.org/mailman/listinfo/talk