Indeed, the attack surface of passwords is pretty large. That's why I think the best is to get rid of them altogether. ;) There is a new browser protocol just for that called webauthn, a.k.a. passkeys. Instead of passwords, it relies on the local device authentication (like fingerprint, face recognition, swipe pattern, etc) and asymmetric cryptography. As a result, it is both more secure and more convinient. Check it out here: passwordless.id ;)
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Indeed, the attack surface of passwords is pretty large. That's why I think the best is to get rid of them altogether. ;) There is a new browser protocol just for that called webauthn, a.k.a. passkeys. Instead of passwords, it relies on the local device authentication (like fingerprint, face recognition, swipe pattern, etc) and asymmetric cryptography. As a result, it is both more secure and more convinient. Check it out here: passwordless.id ;)