The scraped data of 2.6 million DuoLingo users was leaked on a hacking forum, allowing threat actors to conduct targeted phishing attacks using the exposed information.
3 points
Tools like Bitwarden will let you fairly customize the randomly generated password it makes. You can tailor it to not use certain characters for those sites that don’t allow it. And each vault object can be customized like that independently so you don’t compromise all your passwords by not allowing _ or (, you can also have it do pass phrases like you gave an example of