Re: Special characters
To be honest, that's my point. Unless the password is truly random, non-human-rememberable, then it's highly likely someone else has also used it somewhere, and possibly had it "discovered" by h4xors and added to "The List". I suppose it's really a case of assessing how important a password is in each particular circumstance. The more important sites will hopefully offer 2FA ,where they will know exactly who you are anyway, so them having a phone number for 2FA is no big deal, eg a bank will have your number anyway, or less secure but still better, limited tries to log in. It's hard to run a dictionary attack if you only get 3 tries before either a cooling off period or a lock-out.