...I would make these changes asap. While interception is unlikely, better safe than sorry.

Many companies, like AOL for example, do not offer this type (password recovery) of tech support on weekends. (Found out the hard way.) If malicious activities start Friday night, you could be at their mercy til Monday morning.

Also, many net based services and sites offer to reset "forgotten" passwords via the email they have on file. If you email is compromised, ANYTHING that permits this type of reset is vulnerable. The danger ranges from privacy invasion to financial loss and identity theft.

Just gathering data and making police reports of this type can take 3-4 hours.

Always use strong passwords. Include letters, numbers and symbols such as []-=` when permitted. If symbols are not allowed, use at least 10 characters in the p/w.

Good luck

Mahalo for that.

There's a lot of in-between like utilities and stuff, but unless you were a target it probably won't matter. Change them when you get the chance. I've got at least 200 passwords I use (not kidding) and I've never had one of them be the source of a breach. I also don't make them easy like "ABC123". I almost fired someone because I hit the main server of our company over a modem, typed his last name for the username, and "Bob" for the password and had full system-level access. Anyone who knew him would have easily guessed it on the first try - I did. It wasn't a pleasant exchange and I made him deal with it immediately which included an on-site visit to a client because they were using it in code he wrote (he wasn't a good programmer to begin with - lazy).