The scraped data of 2.6 million DuoLingo users was leaked on a hacking forum, allowing threat actors to conduct targeted phishing attacks using the exposed information.
Just use a password manager and a unique, long, random generated password for every site. There's no need or reason to know the password to anything other than your password manager and your primary email.
The thing is the average person either can't or can't be bothered to remember even a dozen actually secure passwords, so they fall back to a couple of simple derivations of a common password, meaning each and every site a user signs up on represents an additional single point of failure.
Just use a password manager and a unique, long, random generated password for every site. There's no need or reason to know the password to anything other than your password manager and your primary email.
in like a decade the use of a password manager will be a bad idea. i don't know how but it will be.
Hmm, a single point of access for every password you have? I don't see the problem...
The thing is the average person either can't or can't be bothered to remember even a dozen actually secure passwords, so they fall back to a couple of simple derivations of a common password, meaning each and every site a user signs up on represents an additional single point of failure.
That's a good point.
Lucky until we get actual quantum computing, it's not worth the years on a supercomputer to crack a single stolen set of encrypted passwords.