So you have recently received at least one email claiming to know a lot about you, including your password and what you’ve been doing on the internet.
How do we know? Because virtually everyone has, multiple times.
Recent versions of this junk are especially nasty, trying to blackmail you for supposedly visiting naughty sites.
SPOILER ALERT: Just delete them immediately and forget about it.
They may seem to be coming FROM your address, or they know your address and claim to know your password, and other scary stuff. For an overview of this threat, and more background, check this article from our host.
For anyone who’s had an email for a few years, get over any sense of privacy. Internet email was never designed with serious security, and–since it was generally free–there’s been no incentive for massive redesign.
Thanks to lax storage practices at any number of companies, millions of emails are “known.” (Check yours here.) But that’s like your street address–few of us expect that to be classified info.
So your password is your only real chance to protect access. And, because the bad guys are more devious and numerous every year, you can’t just set it and forget it for 10 years. Those of us over a certain age have trouble remembering all this stuff–especially processing changes–but it’s just a fact of digital life that you need to change passwords periodically. AND make them more complex.
UNTIL–and unless–there emerges some grand unified ID for all of us, we’ll have scores of accounts and passwords. Best to work out some sort of filing system that YOU can find things in (as well as anyone who has to clean up after you due to incapacity). Password Manager programs, as mentioned elsewhere here, are a good choice (that way, remembering ONE password gets you access to all).
And a note on password structure…sorry, those real complicated ones are becoming more and more necessary. We’re probably evolving more towards “pass phrases”–short “sentences” of random, unrelated words. For the truly paranoid, there is a system to generate random passwords via dice.