Ask them do not leave emails (webmail or pop mail with local client) containing : password, login, (mot de passe, profil, identifiant mot de passe en Français) and all other account information. These emails can come from eCommerce websites, bank website (poor security there!) or web 2.0 sites ... Please just kill these emails once noticed login and password... and empty email trashbin.
Also kill the ones requesting a login to reset password...
Do it NOW : there is obviously one or two pending...
PS Don't keep this information on an excel or word file saved on the desktop with name 'passwords'! or worth on a postit! over your screen or keyboard.
