- Millions of people use password managers. They make accessing online services and bank accounts easy and simplify credit card payments.
- Many providers promise absolute security – the data is said to be so encrypted that even the providers themselves cannot access it.
- However, researchers from ETH Zurich have shown that it is possible for hackers to view and even change passwords.
I’m not sure if you’re asking if it is better to use the same password with 2fa, or questioning a claim that it is (which I didn’t see in the article). If it’s the first, no it is not better to re-use a password with 2FA.
2FA is meant to prevent someone from accessing the account if they only have your password. The problem with re-use is they can attempt that same password on other services, which may or may not support 2FA, or may have flaws in their 2FA implementation.
Also, many services will “give away” that the attacker has the right password by reacting differently if they enter the wrong password vs the right one, such as only showing the 2FA prompt if they have the right password.
Using unique passwords AND 2FA is far better, as it means an attacker must start from scratch for every service they wish to attack, and still requires compromise of your 2FA device in addition to finding out your password.