Which of the following practices is not effective in protecting sensitive information?

Sharing passwords among team members is not effective in protecting sensitive information for several reasons. When passwords are shared, it increases the risk of unauthorized access and reduces accountability for actions taken with that access. If a password is distributed among multiple individuals, it becomes difficult to track who is responsible for specific activities or alterations to the system. This practice can lead to security breaches if one individual misuses the shared password or if it gets into the hands of someone who should not have access.

In contrast, regularly updating passwords, using two-factor authentication, and setting up firewalls are all robust security practices. Regularly updating passwords reduces the risk of them being compromised over time. Two-factor authentication adds an additional layer of security, making it much harder for an unauthorized user to gain access even if they have stolen a password. Firewalls act as a barrier that controls incoming and outgoing network traffic, thereby helping prevent unauthorized access to sensitive data.