answer:@elbanditoroso The cracking programs are using dictionaries of millions of known existing passwords plus algorithms that manipulate the existing ones (substitute O’s of 0’s, 1’s for l’s etc.). What they’re going to do is hack a low-security website (e.g. I just had to register a username and password for a photographer’s website) through a easy exploit and then crack all of the passwords in their database. From there they’ll try those same combinations of username and password on other sites like banks, email accounts, retirement fund accounts, etc (since most people use the same username and password on all sites). I use an app called 1password to manage and generate different random passwords for every login I have. I only have to remember the master password. I think there are free alternatives out there too. It’s a much more secure way to handle this. Here’s an example of a secure password it generates: Du3aWMWp6Lfp28k%.@ra[ioiKd I’ll never have to remember that or ever type it in anywhere, and if some hacker manages to crack that password it’ll be worthless to them because it’s used nowhere else on the internet.