Ideally, a good information security scheme has a series of factors that make it difficult for an unauthorized person to gain access to protected...
For further actions, you may consider blocking this person and/or reporting abuse
Great stuff. I was wondering what to do with my old key, now I know :)
If all goes well with adding the password to your .pem then you can keep using it as previous, but with an added password prompt. That process I described simply updates your existing .pem file. But try it out on a copy of your original .pem file, just in case. And don't forget to follow the steps I outlined on an expendable EC2 before trying it out on production.