You are reading a single comment by @rodan and its replies.
Click here to read the full conversation.
-
And yet, the vast majority (meaning unbelievably high percentage) of people use the same password everywhere.
Of course they bloody do. The idea of creating and remembering a different password for every site is utterly ridiculous and completely misjudges the risk/hassle balance that any sane person is prepared to put up with.
rodan
And yet, the vast majority (meaning unbelievably high percentage) of people use the same password everywhere. Only a very small % use a password manager or have a non-trivial password for each site.
That is probably higher on LFGSS, because I've been banging that drum for years.
But still... when vBulletin and phpBB have been hacked in the past, and things have been leaked, I did compare password hashes with ours to see in general the strength of passwords on LFGSS. A very large number of people used the password
passwordand all of the most popular passwords were well-represented.So even on this site, where the cause has been argued for ages... the vast majority still used common passwords and dictionary words.
Passwords have long been broken, but no-one has a better solution that people seem willing to use. 2FA is damn good, and is the right thing, but again... virtually no-one really uses it widely.