That old sysadmin in St. Louis told me to never use the same password twice and I rolled my eyes until I got hit with a credential stuffing attack 3 years later
Lost access to my email, bank, and two social media accounts in one afternoon because I reused the same password across everything, and it took me 6 weeks to claw them all back, so has anyone else had to rebuild from a compromise like that?