IT teams often create temporary passwords for new employees during onboarding, but these credentials frequently remain unchanged and are shared insecurely via email or SMS. This common practice creates significant security vulnerabilities as temporary passwords may be reused across multiple accounts and never properly rotated, exposing organizations to unnecessary risk.
Employee onboarding is a busy time for IT teams. New starters need devices, accounts, access permissions, and passwords, all delivered within a tight timeframe. That usually means sharing a temporary "first-day" password so employees can access systems for the first time. The issue is that these passwords don't always stay temporary. They may be sent over email or SMS, reused across accounts,
Originally published at thehackernews.com
60-minute technical evaluation, no obligation. We'll map the ideas in this article to your environment.
