Password reuse means using the same password for more than one account or system. It is dangerous because a single exposed password can unlock multiple services, turning one compromise into a wider identity breach. If a password is guessed, phished, leaked from a third party, or captured from a temporary onboarding login, any other account that shares it becomes vulnerable too.
Attackers often exploit password reuse through credential stuffing, where they try known username-and-password pairs across many sites. Defenders reduce this risk by requiring unique passwords, encouraging password managers, and adding multi-factor authentication so a reused secret alone is not enough to log in. In onboarding and admin workflows, temporary passwords should be unique, short-lived, and replaced at first sign-in to avoid creating shared secrets that survive longer than intended.



