Comment Re:Use different passwords for different things (Score 1) 330
I had a thought about this while reading all these insightful security posts. Make things too complicated, and they don't work either as people will knowingly choose to be non-compliant.
It really doesn't matter about your "password" habbits assuming > avg length / complexity.
What does matter is end system security. What's more dangerous... someone has the password to my bank account, or an unauthorized user transfers funds from that account.
Passwords shouldn't be the Only door into a system. Which, despite my hate for the overal company, Chase does pretty well. Unrecognized computer? no login for you until you get a text or call, and input the codes.
Either way, if you are a spearphished target, there's little you can do but freeze your assets until the attacker get's bored and moves on.