You raise an interesting point from a security perspective:
Unique passwords aren't the only need these days, often unique email addresses are too.
Credential stuffing has become so prolific that people are often finding themselves locked out of their own accounts, due to failed attempts. It has the added benefit of letting you know who was breached.
I encountered roughly the same when I received a Bitcoin extortion email, with a unique password in it. I correlated it with my password database, to discover who had been breached. I reached out publicly to the company to ask what was up, as they never notified me of a breach. Initially they played it down, but then finally confessed they had been breached.
Unique passwords aren't the only need these days, often unique email addresses are too.
Credential stuffing has become so prolific that people are often finding themselves locked out of their own accounts, due to failed attempts. It has the added benefit of letting you know who was breached.
I encountered roughly the same when I received a Bitcoin extortion email, with a unique password in it. I correlated it with my password database, to discover who had been breached. I reached out publicly to the company to ask what was up, as they never notified me of a breach. Initially they played it down, but then finally confessed they had been breached.