When I checked my email today, I received the following email from my bitwarden.
Additional security has been placed on your Bitwarden account. We've detected several failed attempts to log into your Bitwarden account. Future login attempts for your account will be protected by a captcha. Account: myemail Date: Friday, September 2, 2022 at 1:49 PM UTC IP Address: 184.108.40.206 If this was you, you can remove the captcha requirement by successfully logging in. If this was not you, don't worry. The login attempt was not successful and your account has been given additional protection.
I had no clue why someone was trying to get into my bitwarden account; after a couple of hours, I received another email from google.
Some of your saved passwords were found in a data breach from a site or app that you use. Your Google Account is not affected. To secure your accounts, Google Password Manager recommends changing your passwords now.
I used to use google password manager when I was new to the internet; however, I have left it because of security concerns. However, Google sends me an email if my password is found somewhere stored in the password manager. People try to get into my crypto accounts whenever they find my passwords online, but I don’t use those weak passwords. Initially, i didn’t know why people are trying to login into account’s however then i observed a pattern when i get email of Failed login attempt after some time, i got an email from haveibeenpwned in which they tell my email was found in some breach.
I was using three websites with the same password for which google notified me of the breach: uber, udemy and pomodone. So now i have to wait and see about the news which website got breached as i checked on haveibeenpwned they didn’t report any new breaches.
I am relieved as I have improved my security hygiene by using unique passphrases for different websites with a security key for 2fa.