Going through such extremely old lists is like a glimpse of the past. Strange websites I used to know. Forums I used frequent. Services I used to subscribe to. For comparison, the GPG encrypted local file I use these days has over 600 lines in it.

I'm just deleting these passwords inside the old Google account because I don't want get emails warning me about weak and non-unique and passwords that have been part of a breach. There's too many of them. If the service in question hasn't locked my account or expired my account or deleted everything after all these years, I don't think it matters if the spammers take over. I can't stop them and our society will have to learn to deal with the zombie accounts. My position towards such accounts is similar like my position towards other personal information online: the default should be expiration. To keep them forever is a burden that just keeps increasing. 600 passwords to change or accounts to delete when I no longer care about the service and barely know how to navigate the garbage and with all the scripts I have to enable just to see the login box? And most of the time those old passwords no longer work anyway? You must be kidding me.

Such accounts should auto-lock at the very least.