As a millennial, I feel my generation has been defined by technology - I grew up surrounded by it, starting with my first PC at the age of 4. For me (as with many others in my generation), technology has been an integral part of growing up.
We know that historically all users are notoriously bad at maintaining good password hygiene, but in this study from T-Systems, millennials seem to be the worst. They are much more likely both to over-estimate their knowledge and to undertake unsafe practices, such as poor password hygiene and oversharing of sensitive data.
There is always the worry that third-party sites could be compromised, and if a user has the same password for every platform, this could present a serious problem to you and your business.
You may have seen in the news this week that the popular image-sharing site Imgur had a breach in 2014, exposing the email addresses and passwords of approximately 1.7 million user accounts. The breach is scary, but what is scarier is the T-Systems research. It found that when people have their data stolen, 34% still do not change their passwords and only 40% of affected users go on to change their password for other services.
In the survey, Generation Y individuals are also reusing passwords significantly more in the workplace than older generations. As the younger generations rise through the organisation, the odds are no longer stacked in your favour.
Protection of privileged credentials should be of the utmost importance - after all, you wouldn't publish your domain administrator password on the internet, would you? A quick bit of OSINT gathering (assuming a better than 0% success rate) to find one of your service desk or IT administrator e-mail addresses in a breach database will give an attacker great insight into, perhaps, a reused common password or the structure you use to create your passwords.