by Ntrails 2008 days ago
> use a horcrux only for the most important logins - your social media, bank accounts etc.

Am I the only person who does a huge double take on this? If someone hacks a Facebook or a Twitter - what precisely am I scared of? My bank accounts are literally my net worth. If they get hacked I'm broke.

Why would I want a particularly strong password on Twitter or Facebook or LinkedIn for that matter?

4 comments

I wonder if it's implicitly acknowledging that social media (at least Google and Facebook) are authentication providers for thousands/millions of other services. So it's more of a "protect the keys to the kingdom" suggestion for those that use Facebook/Google to sign in to everything (not that I recommend doing that often).
I would 100% consider email under the highly important banner, but I'd not considered at all the "Log In With Facebook" angle.
There are at least some people for whom Twitter and other social media sites are important professional assets.

And I'll echo another comment that if you log in with Facebook or Google, that increases the value of that password.

On a similar note, your very strongest password should be whatever controls the email where your password resets get sent to.

Because they are your public face online and the quickest route to your contacts. It is trivial to do immense reputation damage with access to that. Would you rather go through the hassle of getting money back after you were the victim of bank fraud, or getting respect back after someone posted hardcore porn to all your contacts or used your social media as a vector to spread a scam link?
Probably because (too) many people use them as OIDC providers for many other sites. "Log in with..." &c.