Even 16-character “random” passwords are vulnerable