Not as many times as you'd think and again that us utterly irrelevant.
It's not how many time you put it in it's into what and then what that thing can do with it.
Not all passwords are equal and for most people their primary email is the domain admin/root credentials for of their life.
And it isn't relevant if I personally audit every application or not I can build a trust model based on my risk appetite and the threat models that are relevant to me and the situation and everyone does it even if they are not aware of it.
I can put my trust in a specific vendor based on their business model, their reputation, the resources they have available and my experience with them and the legal frameworks surrounding the service/product. I can put my trust in the community at large in the case of open source products because while individually neither myself nor most other user validate every line of code and every commit it is possible and the community at large does do that.
Let me ask you this I this wasn't and email client but say a thick client for your online banking would you still ask me the same question? bare in mind that having your email compromised today is considerably more damaging than someone logging into your online banking as it's much easier to sort the latter and there are also considerable mitigating security controls around it.
It's not how many time you put it in it's into what and then what that thing can do with it.
Not all passwords are equal and for most people their primary email is the domain admin/root credentials for of their life.
And it isn't relevant if I personally audit every application or not I can build a trust model based on my risk appetite and the threat models that are relevant to me and the situation and everyone does it even if they are not aware of it.
I can put my trust in a specific vendor based on their business model, their reputation, the resources they have available and my experience with them and the legal frameworks surrounding the service/product. I can put my trust in the community at large in the case of open source products because while individually neither myself nor most other user validate every line of code and every commit it is possible and the community at large does do that.
Let me ask you this I this wasn't and email client but say a thick client for your online banking would you still ask me the same question? bare in mind that having your email compromised today is considerably more damaging than someone logging into your online banking as it's much easier to sort the latter and there are also considerable mitigating security controls around it.