I got a notice from my browser that my password here was leaked

Might wanna have everyone change their passwords.

 

Those browser warnings don't mean the site they pop up on was compromised, they mean that the password you used and/or have saved for the site was also used on some site that was compromised. Depending on what the browser is doing this could mean your username/email and password combo showing up in a public leak, a known non-public leak on a site that the browser knows you use the same password on, someone (not necessarily you) using the same password somewhere and it ending up in a massive list of compromised passwords, or something else along those lines.

https://haveibeenpwned.com/ is at least one such resource for checking if your information is out there.

I'm pretty sure that QQ itself is fine, but you should probably change your own password if you haven't already.

 

Nope.

 

I am not a mod or something but i checked using my own email and while it has been leaked in other cases according to haveibeenpwned there was no indication that there was a leak involving QQ.

(Also you have heard this a 100 times already but some people still don't do it so: Always make sure to use different passwords for every account)

 

Using the same password for lowsec shit and for highsec shit is stupid, but using the same password for lowsec shit and other lowsec shit is not actually especially bone-headed.

 

For the record, highsec shit =

- Your root account on your own computer (this is the crown jewel; if this is compromised everything else is compromised because of saved logins and keyloggers)
- Your email, if it's a webmail (because this can be used to reset password on most of your other accounts so again a compromise here fucks a lot of other shit)
- Anything that lets you spend money (i.e. which bad guys could use to steal your money)
- Anything where you have unusual authority with which someone could do mischief (e.g. mod/admin access, or control over real-world objects; technically fic counts if you're dumb enough to post to only one site and not have a backup, but that's easily fixed)
- Anything that has secrets you want to keep (e.g. in PMs; stuff in member-only forums doesn't need your account to read so it might as well be public)

I mean, yes, if you can trust the password manager and you don't mind the inconvenience. I'll note that the only real difference between a password manager and a .txt file on your desktop is slightly better security against Evil Maid/Evil Housemate.

 

A number of password managers now also offer to generate really long passwords for you, but other than that you're right.

To be completely honest, people panic too much about data breaches. Just keep changing your passwords and keep an eye on anything important.

I'm fairly sure I've had data stolen recently that doesn't even show up on that haveibeenpwned site, there's been a strong upsurge in spam emails. So what, just changed all my important passwords and moved on.