
I somewhat agree, but when mass hacks occur it opens people with poor passwords up to hackers because they've got all the time in the world to see whose accounts they can get into.

BTW Do you use the same password on your Gawker account elsewhere?



As long as the password is unique, it doesn't even matter. Sure, it should be unique yet not revealing a pattern ("goofy" is ok, "gawker" is not) but there is no need for the user to pass crypto 101.

This is for those 1.5m that were just A target; Nick Denton, OTOH, was THE target and it was just a matter of time for him to get pwned.

>BTW Do you use the same password on your Gawker account elsewhere?

I had to check the other day. I opened that account to leave one comment on lifehacker (that was never approved, actually) and then forgot about it. Turns out the password was safe enough but my mistake there was to use an email address I cared about.

Now I have a less important email address and a supergenpass for everything, except gmail/facebook/dropbox and the other things I care about, for which I have better passwords.


Nevertheless, your Gawker password was crackable with JtR.


I usually have two passwords: A stupid one that I only use on stupid sites, and a good one that I use on crucial ones (Gmail, Amazon, bank). There's no relationship between the good and bad passwords, so I feel more confident that I'll be unaffected by data breaches.

I checked the torrent and I guess I never made a Gawker account.


The problem with that plan is that one day you will learn that someone who works at Google, or Amazon, or your bank or some other "crucial" site has captured millions of username/password combinations and tried them at all the other crucial sites.



