
Increasing the counter at the end is obviously weak when you find that "password46" is not working anymore so you try "...47".

However, if someone steals a whole password database with a million passwords, chances are they just automate the login attempts and subsequent nefarious actions. They might not try to figure out anyone's naive password scheme if they get thousands of successful logins the easy way!?

I'm saying this because I've heard your reasoning before, and of course I've been staring at the keyboard when trying to change one of my passwords, wondering just how clever I need to be right there.



