Stop Password Sharing Now
Today’s Office 365 article on Petri.com considers the question of password sharing. Apparently, a good percentage of senior people (in small to medium businesses) still think that it’s a good idea to share their password with their assistants or other people. Sure, it might help those people access a mailbox and process email for the owner, but it’s a huge and fundamental security black hole that opens up a tenant for all sorts of problems, such as Business Email Compromise (BCE) attacks.
The sad thing is that no need exists for anyone to ever share the password to their Office 365 account. Mailbox delegation, shared mailboxes, Office 365 Groups, and Teams all provide other ways for senior people to collaborate effectively and securely with their assistants.
No matter what size your company is, it’s time to stop this dreadful habit now. Make sure that none of your users share passwords, and if you find that some do, be kind but firm and help them understand why what they are doing is so dreadfully wrong.
See Chapter 6 of Office 365 for IT Pros for information about mailboxes, while Chapter 7 covers shared mailboxes, Chapter 11 and 12 review the use of Office 365 Groups, and Chapter 13 considers how best to use Teams.