I'm the person who wrote the comment on Troy's blog about the common 3 password approach, which I suppose inspired the title. What PC Magazine did not write was that I describe how hackers easily exploit it, here:
While I'm sure the typical Hacker News community member practices far-above-average password security, the vast majority of people don't see any reason why they should - or if they do, they get overwhelmed by too many complicated rules. From feedback I get, the above referenced guide works for the "average Joe."
http://www.filterjoe.com/2010/05/14/the-usual-way-to-manage-...
It's part of a password series with the following central advice for typical home users:
"Use a password manager to assign unique, random 15 character passwords for all accounts, protecting them with a strong master password."
This guide gets them started:
http://www.filterjoe.com/2011/04/14/passwords-guide-without-...
While I'm sure the typical Hacker News community member practices far-above-average password security, the vast majority of people don't see any reason why they should - or if they do, they get overwhelmed by too many complicated rules. From feedback I get, the above referenced guide works for the "average Joe."