I feel pretty safe after changing all my keys. I just use the posting key day to day, the active one very briefly when doing market transfers and will not have to touch my owner key password which is ridiculously long and random.

Maybe I'm fooling myself.. I don't know