From the nakedsecurity.sophos.com
Persuading people not to reuse the same password across multiple websites has become one of security’s big head-scratchers.
Asking people not to do something only gets you so far – because there will always be people who think it doesn’t apply to them, or who simply can’t be bothered.
But might there be a simpler fix? A new Indiana University (IU) study, Factors Influencing Password Reuse: A Case Study, thinks it has hit on an answer that’s been hiding in plain sight for years – set policies that mandate longer and more complicated passwords.