People will always need reminding of this most simple of cyber security rules:
You need a different password for each “thing” you log into
I use the slide at the top of this post, or some variation of it, in every password, MFA, social engineering or cyber security or boardroom presentation I make.
Here is the impact on the Canada Revenue Agency (the Canadian equivalent of HMRC) of reusing passwords:
Password Reuse Strikes Again! (sans.edu)
Clive Catton MSc (Cyber Security) – by-line and other articles