I always have a question come to mind whenever I read these kinds of guidelines: what percentage of computer users have ever had their passwords compromised?
I'm guessing there's no real way to gauge this because I've never seen a study nor heard anyone else touting one and yet, complex password protection guidelines are always being recommended. Why?
I have no idea about the percentages. But I've been hit twice. One by a leak from a sizable gaming website, and the other time by gawker. Neither time I gave a shit because thankfully I was smart about my passwords.
There's always a risk, it's not expensive to defend against, so why not?
Those are interesting examples because you didn't lose the passwords, those websites did. So stuffing your password in your wallet, or making sure they were 12 characters long wouldn't do any good.
I'm guessing there's no real way to gauge this because I've never seen a study nor heard anyone else touting one and yet, complex password protection guidelines are always being recommended. Why?