15.3. Avoiding Common Mistakes
Despite the best efforts of security administrators, there are still many common network security mistakes made. This is a top-10 list  of security mistakes commonly found on networks. Some are configuration mistakes while others are process mistakes. This list is by no means exclusive, but it is a good way to perform a quick evaluation of the security level of a network.
 Despite our best efforts, we could not get David Letterman to run this list.
15.3.1. Bad Passwords
The number-one mistake found in a network environment is bad passwords. Bad passwords can be the result of a password policy that is too restrictive, or nonexistent. A password policy may be in place, but not enforced, rendering it useless. ...