[thejerz]

> There’s no need to change passwords if they're robust, unique and not breached

This assumes you'll know if passwords were exposed in a breach. Some breaches go undetected.

[dylan604]

Another comment that reads as if they are skipping the "unique" part of the text they are quoting.

If you use unique passwords for everything and a leak goes undetected, the damage is contained to just that one site/service.

cherry picking quotes to nitpick is only effective if you address the full quote rather than cherry picking a point of a cherry picked quote

[spicybright]

It's honestly strange this has to be said as it's such an obvious thing.

[jandrese]

This also assumes that changing the password would effectively lock out attackers that have already breached your systems.

[spicybright]

It's vastly more likely you'll be pwned by remote passwords than local programs. Even if it is a local program, there's so many ways to store a password there's no automated way to reliably get a password. Your threat model will become a person targeting you specifically, thumbing through your files to find information, etc.