The relationship is the problem.
Calculating the levenshtein distance is the first thing that comes to mind, then creating a regular expression that covers any leaked passwords tied to the same account.
This is all easily scriptable and two leaked passwords might be all a script needs to discover the pattern. Once the pattern is known, all of their passwords become knowable.
F04118F@feddit.nl 5 days ago
Obviously random is better, but uniqueness of passwords is IMO even more important. They are effectively spreading around their master password