[alkonaut]

Most people don’t use many services where security is important. It’s not uncommon to have several hundred accounts with passwords, but I have maybe 10 that I really worry about being hacked/lost. For all the crap sites I can just use $singlepassword+$servicename as password. For the few sensitive ones I use strong passwords and 2FA. I do use a manager to keep those strong passwords - but even though I have it, I can’t be bothered to use stronb passwords for all those forums, web shops etc.

Is my solution secure? No. Using a bad password for hundreds of sites is definitely not secure - but the quality of a password only needs to be proportional to the sensitivity of what it protects.

[BoorishBears]

When I started using a password manager I did something similar, but I told myself every site which used the "insecure" password was linked. So I'd ask myself "If someone hacked the least consequential site I've used this password on, they'd also have hacked this site, do I care?"

It was very rare that the extra 30 seconds to add a new entry password manager wasn't justified after asking myself that question.

I think it all comes down to ease. Yes, some secure passwords is better than none, but it's just soooo easy I'd just say go with the PM