At the Infosecurity Conference 2018 conference in London recently, Lastline conducted a questionnaire survey of 306 information security professionals attending the conference and found that 45% of experts had committed a fundamental security error – reusing account
passwords.
Using the same password across multiple different services presents a significant security risk because all users can access all of these services as long as the password is compromised.
Repeated use of passwords has led to many accounts being stolen. F-Secure’s principal security consultant Tom Gaffney said that security professionals are also human and naturally make mistakes.
Gaffney said:
“F-Secure cyber consultants find default passwords used by IT admins pretty routinely. Some of the biggest corporate hits have been caused by targeting the very IT teams who should know better. Sony got hit badly twice in 2014, first the hackers targeted the admin accounts of their IT admins and, among other things, stole the film The Interview and also end user data which was stored in a folder called “password.””
Source: thenextweb