Honestly, though, it's not that bad of an idea. Provides just enough convenience for people to use unique, randomly generated passwords for each login. Much worse for a website to leak the credentials you use for a bunch of other accounts. Using a pw manager and 2fa is imperfect but still the sweet spot in my opinion.