News Tragic mistake: Companies think passwords are plenty safe