Modern malware, especially information stealers like RedLine, Vidar, or Raccoon, specifically scan drives for files named password.txt , logins.txt , passwords.docx , etc. These are low-hanging fruit. Once your device is compromised, that file can be exfiltrated in milliseconds.
If you want a blog post about password security, here’s a sample of what I can produce once you confirm the direction: password.txt
Some savvy users will argue: "But I put my passwords in an encrypted ZIP file called password.txt ." especially information stealers like RedLine
