Password reuse
Password reuse is overwhelmingly the most likely avenue. The average joe is notorious for not only using really lousy passwords, but using the same ones over and over again across different systems. To be fair, there are just *so many* different systems that there is simply no way to use a different password with each one.
The only option today is some kind of password manager that can store unique credentials for every site/service that you use. There's really nothing else that strikes a good balance between security and ease of use, and the way things have been going (and continue to go), the need only intensifies.
Off the top of my head, I can think of three:
-1password (which I use and have been happy with)
-enpass
-lastpass
Lastpass is probably the most convenient and well known because it's a cloud services that you don't have to manage.
1Password stores passwords in a local encrypted database. You can sync between different devices via wifi, or by putting the data store on dropbox. It supports multiple 'vaults', and works on most major platforms.
Enpass is similar to 1Password, but doesn't (yet) support multiple vaults, and has better platform support including linux.
There are other ones out there, of course, but those are the three I know most about.
Biting the hand that feeds IT
