WhosePassword?

Turns out that coming up with strong passwords is less simple than mere humans can comprehend:

For too many people, moving the digits around in some variation of Patriots69Lover is their idea of a strong password. So you might expect something complicated like” “ji32k7au4a83” would be a great password. But according to the data breach repository Have I Been Pwned (HIBP), it shows up more often than one might expect. […]

Turns out there’s a good reason for that.¹

[Via Pixel Envy]

1. Disappointingly, it turns out to involve users in a foreign country typing the equivalent in their language of ‘mypassword’, obscured by how Unicode encodes their input.