How would a strong password help in the event of a hack?
They may as well be 'mypassword'. Nobody guesses what passwords are anymore; they just find out for themselves.
Twitter has reset an unknown number of accounts following the offer of millions of usernames and passwords for its service for sale on the dark web. Although the social media company continues to insist that its systems were not compromised, in a blog post its Trust & Information Security Officer Michael Coates said the …
Hmm, Twitter say they've not been hacked...yet, the dark web offer includes current accounts? Well then if they weren't hacked, the data was handed over.
But, this is going to be the new normal. Two factor authentication for everything and that may not be effective eventually. To get into my system at work from my laptop at home, it's got a nifty two factor setup. I've an app on my phone, that the moment I try to log in sends a push notice. "are you logging in at boffowidgets.com?" I can say yes, and I get logged in...I say no and the browser window closes. Of course the IT department makes sure I change my PW monthly, and has rules about how to construct it. To my knowledge the mainframe has never been hacked, though occasional spam makes it's way into corporate email.