• Mirodir@discuss.tchncs.de
    11 months ago

    Suddenly you have a 26+ character password that you don’t forget and doesn’t compromise you across other services because each is different.

    It depends on what is compromised and how the attacker operates. If the attacker has your plaintext password instead of just a (hopefully salted) hash AND targets you individually instead of just having your password in a giant list of login-info to automatically try on other services then it’s trivially easy to guess that e.g. your Spotify password is <Spotify>yogurt</Spotify>.
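The pattern weakness described in the comment above can be checked for on the defender's side. This is an added example, not part of the original comment: it audits a set of stored passwords for a template built around the service name and shared across services. The function names and the sample vault are constructed for illustration.

```python
import re
from collections import defaultdict

PLACEHOLDER = "{service}"


def template_of(service, password):
    """Replace the service name inside the password (case-insensitive)
    with a placeholder. Returns None when the name does not appear."""
    pattern = re.compile(re.escape(service), re.IGNORECASE)
    if not pattern.search(password):
        return None
    return pattern.sub(PLACEHOLDER, password)


def patterned_entries(vault):
    """Map each template used by two or more services to the sorted
    list of those services. One leaked plaintext from such a group
    exposes the scheme behind every other entry in it."""
    groups = defaultdict(list)
    for service, password in vault.items():
        tpl = template_of(service, password)
        if tpl is not None:
            groups[tpl].append(service)
    return {tpl: sorted(svcs) for tpl, svcs in groups.items() if len(svcs) >= 2}


# Constructed sample vault (hypothetical entries, not real credentials).
SAMPLE_VAULT = {
    "Spotify": "<Spotify>yogurt</Spotify>",  # scheme quoted in the comment
    "GitHub": "<github>yogurt</github>",     # same scheme, different case
    "Bank": "v7#Qm2!xLr9pTz",                # unrelated random password
    "Forum": "forum-only-once",              # contains the name, template not reused
}

if __name__ == "__main__":
    for tpl, services in patterned_entries(SAMPLE_VAULT).items():
        print(f"shared template {tpl!r}: {', '.join(services)}")
```

Entries that are flagged should be replaced with independently generated passwords, since length alone does not help once the template is known.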