Using a third-party vendor has not been considered a real security threat until recently (sorry, Target). Now, the limelight is shifting from enforcing a strong password policy to all employees to enforcing a password policy to all users on the network-…