A great idea of yours sharing this kind of information for all to get aware and have an idea by choosing a good password but we should also consider it's still possible to get scammed when you open too many sites which has too many adds and maybe if you don't know it's a fishing site until you can't open your account.
Definitely but that is a different story, I agree that those hacking sites could phished one out just by letting you logging in a fake website or application that looks like real.
Take note that legit and secure website read like this (https:) and not secured website has only like read like this (http:) without letter s. This is the only thing I know about secured or legit website and not secured website. I guess there are many good members here that could explain further on your posts. You may create also a thread for this for the newbies. This is very important for the awareness of the new comers here. This will let them avoid scam and phishing activities.