But with Crypto, it is a different story. First, the hacker needs:
1- to figure out that the public key on blockchain belongs to YOU.
2- then he needs to figure out whether the public key was created based on BIP39 or legacy way (private key only per each public key).
3- then need to know that your way of creating passwords is like this.
Hackers don't want to crack some specific key, they just pre-generate lists of addresses with weak entropy, and then simply check if these addresses were used when a new block is found, and if they were, they instantly sweep the coins. They already do that with brainwallets, and as storage and computing power gets cheaper, it becomes more feasible to extend this method to target more sophisticated schemes.
That's a garbage site, I entered "11111111111111111111" and it said it's "reasonable".