We can improve our security against Case 2 somewhat by limiting the
amount of information available to an attacker who captures only a few
site passwords, at the cost of becoming more vulnerable to Case 1.  If
the site passwords known to the attacker contain less entropy than the
master secret, the attacker must perform an online test of each
apparent hit from the offline dictionary attack.

In Case 2, the attacker does not know the length of the master
secret, so even with a master secret that correctly generates all
the captured site passwords, the generated password for some other
site may still not match --- so the attacker must test their guesses
online.

This tradeoff also applies to other password-hashing systems, such as
Password Multiplier and the Password Generator Bookmarklet.