Many businesses are becoming more security conscience. They are making sure their systems are patched and updated, anti-virus is up to date, some are even regularly scanning their systems for vulnerabilities. This is a good thing, but many times they are overlooking something very obvious – regularly changing your password.
In my 20 years of IT support I have seen some crazy things. One company that was religious about updates, network security, account protection and scanning for vulnerabilities overlooked one major thing. They used the same simple domain admin password in their Windows network that they had been using since it was an old Novell Netware based system.
For about 15 years, they used the same main password.
Just think, with IT staff coming and going, consultants coming in, etc, about how many people knew that password? Oh, and did I mention that it was also the local admin password used on the desktops?
People get attached to passwords and tend to use them on several systems. It is important to change your passwords over time, schedule it if needs be. Also, do not use the same password for multiple accounts. Something as simple as using long complex admin passwords will go a long way in protecting your systems.