1. Phishing Attacks: Deceptive emails or messages can trick NGO staff into sharing passwords, compromising security.

2. Weak Passwords: Simple or easily guessable passwords make NGO accounts vulnerable to unauthorized access.

3. Insider Threats: Malicious actors within the organization may misuse passwords to gain unauthorized access to sensitive data.

4. Password Reuse: Using the same password for multiple accounts increases the risk of widespread compromise if one account is breached.

5. Lack of Two-Factor Authentication (2FA): Without 2FA, NGO accounts are more susceptible to unauthorized access if passwords are compromised.

6. Social Engineering: Manipulative tactics can trick NGO staff into revealing passwords, exploiting human vulnerability to gain unauthorized access.

7. Unencrypted Communication: Sending passwords through unsecured channels exposes them to interception by attackers, compromising NGO security.

8. Keylogging: Malicious software can secretly record typed passwords, posing a threat to the security of NGO information.

9. Outdated Security Measures: Failure to update security protocols can leave CSC accounts vulnerable to exploitation.

10. Poor Password Management: Neglecting to update passwords or implement secure management methods poses significant risks.

11. Limited Awareness: Lack of knowledge about password security heightens vulnerability to attacks.

12. Inadequate Password Policies: Poorly enforced password policies, such as weak complexity requirements or infrequent password changes, can leave NGOs susceptible to attacks.