If you follow recommended practices you should have a strong and unique password on every single website (or service) you visit or use, so that access to the rest of the other services is limited if one of your password is guessed or captured in some way . While this all very well, it’s quite hard to do in practice. We are either lazy and tend to repeat same passwords all over again in different websites or we just try to use variations of a few passwords so that we can keep them in our memory .