This stash of 2 million passwords follows a massive hack on Adobe revealed in October in which a jaw-dropping 38 million user accounts and passwords were nabbed and posted to the 'net. That attack was so big that other website vendors were affected, because many people use the same user name and password for all of their websites.
Unfortunately, this hack isn't new (see also the LinkedIn hack, the Ubisoft hack, and the Cupid Media hack, for a tip-of-the-iceberg starting point), and as long as there is money or power to be gained from accessing other peoples' online identities, it seems unlikely to ever stop being a problem.
And while this doesn't seem like a parental problem per se, it really is – it falls under our "important stuff we need to teach our children" heading, right up there with crossing the street and why you shouldn't wear black shoes with brown slacks.
It's no longer enough to assume that because kids are young and wired, they're with it vis-a-vis good password discipline – that means (really) strong passwords, different passwords for different sites, and, if you must, hoard a list of all your logins and passwords, stashing it an incredibly safe hiding place, preferably in the real world and out of plain view.
And even then, you can't assume just because you've got a password that you're assured of online security – talented hackers can crack through even seemingly tough-to-guess passwords like "n3xtb1gth1ng" or "qeadzcwrsfxv1331."
On the flip side of that are the passwords that people more often use – easy to remember, and insanely easy to crack. Some of the Adobe passwords now in the hands of hackers include (get ready to probably feel at least slightly better about your own password habits) "password," "photoshop," "aaaaaa," and "123456" (as featured in Spaceballs!).
Even relying exclusively on passwords like "Xh3@#..Lpmz0" won't keep you totally safe, so for the highest risk sites (a primary email or Facebook account) using a second layer of authentication is a great idea whenever possible (Google does a good job of this with its 2-step verification process.)
Perhaps, with a solid generation of parental guidance, we can at least somewhat beat back the stolen password trend that leads to identify theft and (often) actual things and money-theft. Now, if only there were some way to effectively teach teens that whatever they post or send will inevitably wind up in the most embarrassing forum possibly imaginable...