End-user passwords are one of the weakest components of your overall security protocols. Most users tend to reuse passwords across work and personal accounts.
They may also choose relatively weak passwords that satisfy company password policies but can be easily guessed or brute-forced. Your users may also inadvertently use breached passwords for their corporate account password.
Source:: The Hackers News