At work, your Windows user account, protected by your password, is your corporate identity.
The easiest way for someone to steal your corporate identity is to reset your password and login as you.
Once logged in as you, they could instantly –
- Launch attacks from your computer
- Access and steal your documents
- Access all your confidential data
- Read all your work emails
- Send email as you
- Falsely implicate you in a crime
Your password can be reset within seconds.
Its your identity. Shouldn't you be entitled to knowing exactly who can reset your password?