Remembering a unique one for every site is hard.

Again, password managers. You can have a "correct horse battery staple"-type password for that.

Password managers are a band-aid on a fundamentally flawed technology. They are what we have now, so (if your tech savvy) that's what you're using. But it's an absolute shame that this is where we're at.

I'm optimistic about the FIDO standard as a password replacement. Exciting things happening in that space recently!

it's hard for tech people who care about this, it's nigh impossible for laymen. it doesn't scale well.

throw in a bunch of random letters too!

https://api.pwnedpasswords.com/pwnedpassword/correct%20horse... == 2.

you know what they mean