Security has changed a lot in the past few years. Lots of large breaches being publicized. You can download most of these from the regular internet provided you have the right torrent for one of them.
That means it’s a lot easier to log in to someone’s account with data from one of these dumps.
Here are the steps I’ve taken to mitigate this:
- Install ESET Smart Security on my phone and computer
- Remove all saved passwords from Chrome
- Stop Chrome from auto-saving passwords
- Disable and uninstall LastPass password manager. Also deleted my account with them
- Start remembering your passwords by writing down the usernames and a simple reminder to help you find out which one is for which service
- Keep this excel sheet as an encrypted document in a thumbdrive in your safe
- Buy a safe that you can keep hidden away or bolted down
- Store all valuable identity documents in the safe, as well as your encrypted password-helper sheets
- NEVER WRITE DOWN YOUR PASSWORD ANYWHERE!