44 million Microsoft users reused passwords in the first three months of 2019 | ZDNet
Microsoft used a database of three billion publicly leaked credentials to identify users who reused passwords.
Lamar Bailey, senior director of security research at Tripwire:
“It’s good practice to ensure individuals have different passwords for different accounts, and these passwords should be passphrases that are not easy to guess. By educating the workforce about the basics of security, like not reusing passwords for numerous accounts or not clicking on malicious emails, links or attachments, will naturally reduce the threat of an attack. People are unfortunately the weak link in the security pyramid with hackers preying on this naivety and this needs to change.
“It is now critical that users check for compromised passwords and usernames on a regular basis. Many password vaults like Lasspass and Dashlane will do this automatically for you or you can use a service like https://haveibeenpwned.com/. If an account has been compromised make sure to change that password. If you are following best practices and not reusing passwords you limit the exposure greatly. Password vaults have tools to create secure unique passwords for sites so reuse should be a thing of the past.”