[cmonreally123]

For the hacker news crowd I agree, but for the average public and law I feel this at least warrants thinking about if we need additional protections as I feel the surveillance we have today and what we had when the laws were written and what the general public expects mismatch drastically.

If I get a password prompt in public am I expected to run into the nearest private property because legally I could be recorded and my input recorded and extracted ?

[Manuel_D]

With respect to passwords, biometrics and password managers (or better yet, public key infrastructure) is the solution. Not privacy booths. If I had my way, apps wouldn't let users pick their own passwords: they'd email users 30+ character generated passwords that they couldn't possibly memorize and thus force people to use password managers.

Unfortunately, enforcing strong passwords drastically discourages new user signups. I remember when the security team enforced stricter password policies at Dropbox new signups dropped by a factor of 10 (by "stricter" I don't just mean length + special chars, they experimented with banning all of the 100K most common passwords). It just isn't economically sustainable to enforce strong passwords.

[sitkack]

perhaps if you have a weak password, your service level or class is constrained.