But yes, a unique random password would limit any potential damage they could do either way.