I do have to echo a few other posters.
"First, assume that the hackers have the encrypted password database"
WHAT?!
That means they have completely powned the site. They likely have my address, credit card numbers, history and preference in sexual aid size, texture and color.
And they have probably left keyloggers and transaction loggers to make their future data collection painless.
And you are worried about my password? Why?
Instead, why don't you focus on securing the site. Separate out the information display from financial transactions. Isolate the potentially-compromising details from the "who cares" data.
My power company website is a prime example of stupidity. The only thing I usually want to do is check my usage data. But they require a complex password, and prevent using a password manager. They they load a whole complex active page, referencing external sites and immediately showing me a bunch of static account details. Details that I don't care about, except in the rare case that I want to modify my account, but that could be useful for causing problems with the account. Clearly real security isn't the priority, rather 'security theater' implemented with password pain.
Biting the hand that feeds IT
