Why passwords are a thin illusion of protection and what to do about it. Passwords have become nothing more than a thin illusion of protection. Human nature and human error are the weakest links in protecting organizations from cyberattacks and data breaches. Users choose poor passwords and then re-use them across multiple applications and systems, leaving them vulnerable to phishing and social engineering by bad actors. For years, users have been encouraged to create complex passwords and change them frequently.