Good discussion today. In addition to not sharing passwords, this series of account compromises also lends support to the model of having a separate username, and associated identity, for each website. Such as the Sound Bytes forum. Similar to how it’s advised to create fake answers for account recovery questions; being required to fill in all your real info in a profile makes it easier for it to be compromised, and more damaging. I setup a Yahoo account years ago to participate in a discussion group. I couldn’t care less if it got compromised since it contains no personally identifiable information.
Unfortunately, large social networks like Facebook encourage using a single account for all online activity. I also have privacy concerns with this approach. I join online communities to focus on a single topic. I don’t want all my other personal stuff to be dragged along with it. I’ve gotten around this by creating several alternate Facebook accounts but I wish the large social networks would recognize the downside of encouraging users to include too much personal info when creating accounts. Some like Twitter make it fairly easy but Facebook doesn’t.