Even if you found a leaked password, the site would trigger a silent CAPTCHA or require 2FA (two-factor authentication) sent to the original owner’s phone.