Re: Presumably
Different passwords for different services, 2FA etc? Mr Average Joe Public doesn't do that.
Yes, Mr Average Joe Public does, because there's at least one UK bank that doesn't use passwords for their online accounts: they use a 2FA device for all web-based access.