A: Yes, otherwise they would not be able to authenticate your password on the next visit.
A quality site will store your password in an encrypted format, so if the site is compromised and the password database accessed, it is if no use. Unfortunately, this is by no means universal.
As a side note… Over 500,000 internet accounts are hacked every day! Because of this, it is vital to protect your data that is stored with online and brick-and-mortar businesses. Not a bad idea to mark your calendar to check every month if any of your accounts have been hacked. This is done by visiting:
- https://haveibeenpwned.com
- https://hacked-emails.com
These sites monitor such breaches. Their databases overlap, so best to check both.
