if the attacker gets their hands on a hashed password database.
This is the easiest and most common way, the primary thing to fear. Thats the main security risk we want to lessen by having a unique password per site. I’d say its so IMPORTANT to have unique passwords that I tell people to discard the old rules about never writing anything down. Write shit down, keep it in a drawer by your computer if needed. I mean, if they get access to that they already got access to just take your entire computer and rob your house, so it doesnt really matter. The important part is not letting strangers faraway on the internet get in because they are harder to catch than a house robber.
Having a complicated password is “only” the second most important thing because you cant rely on a company’s ability to not be idiots. Or done a human error. You dont want to be screwed if when a single company (of maybe dozens to hundreds) havent hashed and salted correctly.
This is the easiest and most common way, the primary thing to fear. Thats the main security risk we want to lessen by having a unique password per site. I’d say its so IMPORTANT to have unique passwords that I tell people to discard the old rules about never writing anything down. Write shit down, keep it in a drawer by your computer if needed. I mean, if they get access to that they already got access to just take your entire computer and rob your house, so it doesnt really matter. The important part is not letting strangers faraway on the internet get in because they are harder to catch than a house robber.
Having a complicated password is “only” the second most important thing because you cant rely on a company’s ability to not be idiots. Or done a human error. You dont want to be screwed
ifwhen a single company (of maybe dozens to hundreds) havent hashed and salted correctly.