[fearoffish]

Just a quick note about the passwords. If a bad actor steals your Facebook password and then messages all your contacts saying he (you) is on holiday and his cards have been stolen, but PayPal is accepted at the local restaurant...could he lend you some money until you get back. Are you bothered now you know that your friends are protected by that password too?

[scarejunba]

I wonder how common that is. I believe I had a trivial password on HN and on Facebook. Six zeroes on HN and dictword121212 on Facebook and no one ever did anything.

[fauigerzigerk]

I used a weak password for some throwaway account many years ago (I think it may have been Yahoo). Now I'm receiving daily ransom demands from someone quoting this password back to me threatening to expose my porn habits and whatnot :-)

That email comes in so many variants it's really entertaining. Someone is really trying hard to find the magic wording that gets through spam filters and makes people pay. It's not getting through my spam filter sadly, so when I want to read the latest episode I have to go look for it in the spam folder.

So I think what's far more important than choosing strong passwords is choosing different ones for each account.

[iainmerrick]

That exact scam has happened to people I know. I don't think anyone actually fell for it, though -- the fake distress call wasn't very convincing. It's easy to imagine how it could have been.