Re: Don't Just Blame Users
Shocking that some banks force you to use WEAK passwords. I would change my bank!
But I can't say I agree that 'sometimes 12345 is good enough'. The purpose of a password is to ensure accountability. That is not maintained with 12345. If 12345 is fine in terms of risk (no sensitive data accessed), the password control probably should not exist.
Cost of control should never outweigh its value.
Having said that, you may think your account has no sensitive data in it, but what if someone steals your credentials and starts posting illegal content all over the web, or malware? It's in your name.
Also I'm pretty sure you will have an email address linked to that account. Now the 'spear-phisher' has your email plus a known interest of yours and could masquerade as the site you are signed up to.