Is a Sony contest site really "high security" in the minds of users?
If I were entering I would use an easily guessed password for it because I don't care that much about the account. Email and banks get much better passwords.
I have interviewed a few people about their password strategies and quite a few seem to have a tiered password approach. But that is still an easy setup to exploit, as I explain here:
Furthermore, I've noticed in my interviews that few people realize that the account they need to guard most is their e-mail account. They may have a 3 password strategy but, it goes something like:
worst password: forums, news sites, Sony, etc.
better password: email, social
best password: banks, brokerage, commerce
Once someone gets into your main email account, it's usually pretty easy to break into all the other accounts unless you have a unique password for every account.
I doubt many users do that kind of distinction between low and high security sites. Watching my mother I don't believe she got more than one password at all and that's the sort of user that is affected the most by these attacks.
If I were entering I would use an easily guessed password for it because I don't care that much about the account. Email and banks get much better passwords.