A fool and his or her password are soon parted, says password manager app-provider Dashlane, and cryptocurrency users are the third worst fools in that regard.
Dateline does an annual list of “Worst Password Offenders,” and on this year’s list, crypto-types are only outperformed in this dubious metric by Kanye West and the Pentagon.
Shortly after the West met with President Trump this year in a well-publicized Oval Office mutual-appreciation session, the rapper decided to take a step back from politics.
It is unclear how much this decision was due to the fact that he opened his iPhone during the session by entering the password “00000” within clear view of several internationally-televising cameras, after which he was heaped with ridicule on social media.
West appears number one on the Dashlane list, but perhaps that is unfair, given the fact that second “prize” goes to the Pentagon, which actually moved up from fourth place on last year’s after a “devastating audit by the Government Accountability Office (GAO) found numerous cybersecurity vulnerabilities in several of the Pentagon’s systems.”
GAO auditors say they were able to “guess” admin passwords in 9 seconds. They also found, “…that software for multiple weapons systems was protected by default passwords that any member of the public could have found through a basic Google search.”
Own worst enemy perhaps?
In “illustrious” third place are the crypto-experimentalists who have gained notoriety in recent years for, among other things, tossing bitcoin-loaded passé computers in the landfill and hiring psychics to try to help them recall passwords they once had memorized before a few too many rainbow-thick Ethereum conferences.
Other password-gaff-prone offenders include:
- Nutella, who (jokingly?) advised their social-media followers on “World Password Day” to change their passwords to Nutella
- UK law firms, 500 of whose passwords were found circulating for sale on the spooky, spooky Dark Net
- Texas, which failed to password protect data on a server containing the personal info on 77% of registered voters in Texas. Howdy, hacker.
- A White House staffer who wrote his password on White House stationary then dropped the paper at a local bus stop. Probably thought it was a transfer.
- Google, which had their TV broadcast site hacked by an engineering student in Kerala, India, David-and-Goliath-style.
- UN Staff, who were using Trello, Jira and Google Docs without password-protecting the, “secret plans, international communications, and plaintext passwords,” they were working with…duh.
- The University of Cambridge, whose plaintext password was left on GitHub, which, “…allowed anyone to access the data of millions of people being studied by the university’s researchers… (including data from the) Facebook quiz app myPersonality…(which includes intimate answers to psychological tests).” Your favorite colour can tell a lot about you.
People’s laissez-faire approach to cybersecurity is perhaps a testament to their good natures, but naiveté only becomes the ingenue.
Dashlane says the average American currently needs passwords for two hundred sites, and that number is likely to double to 400 in the next five years.
Each one of those portals is a potential doorway to an individual’s whole online life, and that data can be used to access accounts, run up credit, ruin reputations or just make you want to kick yourself.
Every door should be locked (or properly password protected says Dashlane), using “…passwords longer than eight characters…(that) include a mix of random letters, numbers, and symbols.” What a pain, I know.
You can even use the company’s handy generator here to create a password that isn’t cute or pleasant or sentimental at all. Good luck!