This might have been acceptable 20 years ago but it’s not a strong enough policy today. Data theft happens all the time and it’s in the interests of a company who’s security has been breached to not tell you that your data has been taken. You should assume that at anytime someone has several examples of your login credentials, not just one. You should use a password manager that isn’t Chrome, Firefox, Safari, ect.
Give it a few more months and ads will be back. They dropped us in boiling water and expected us to just accept it. Microsoft will just slowly boil us next time.