Lets say I use a 5 word password composed of 4 words + the name of the website I’m accessing. For example for github it would be something like ‘correct battery horse staple github’.
How is that different to using a password manager with ‘correct battery horse staple github’ as the master password?
I also have a simpler password for accounts I don’t care about or that I suspect they might be vulnerable. I assume that everyone but the mayors (google, facebook, github, apple) store passwords in plain text.
Am I at risk by using this approach?