Also it's been a while since I checked haveIbeenpwned, a great site to check if your email address and password combination has been included in any data breaches. Since last time I see they have now added a section where you can put in your password to see if it's a risky one to use. It reminds me of a teacher I met who got his colleagues to try their passwords in his password-strength-tester program. It simply generated some random number and told the user their password would take X number of hours to crack... and while it did that, it sent their passwords out to a text file for later use. Not that I'm suggesting haveIbeenpwned are doing that; I'm just suggesting you use your password until you get notified that it's been included in a breach rather than entering it into unknown programs or websites. If you want to be really secure, try changing it every month without just adding the numbers 01 through 12 onto the end.
Usual disclaimers: I'm not a doctor, legal professional or financial advisor. This article is for information/education only and reflects my own opinions. It should not be taken as financial, legal or medical advice. Do your own research and never invest anything you cannot afford to lose (including your time).