Advertisement

technologyTechnology

These Are The Top 10 Biggest Password Fails Of 2018

author

Rosie McCall

author

Rosie McCall

Staff Writer

BookView full profile

BookRead IFLScience Editorial Policy

Staff Writer

clockPublished
comments1Comment

Billion Photos/Shutterstock

We are mid-way through December and New Year's Eve is fast approaching. Which means it's the time of year to take stock of all that has been in the last 12 months in the form of curiously specific listicles, from the most fiercely discussed scientific studies of 2018 to the porn searches that have defined the past year.

For the last three years, password manager company Dashlane has released an annual "Worst Password Offenders" list, presumably in the hope that it will encourage a few of us to adopt "make better passwords" as our New Year's resolution for 2019. 

Advertisement

Naturally, Kanye's easy-to-hack iPhone password (000000) tops the list but there are also some surprising entries, from Very Important government organizations to multinational confectionary companies (we're looking at you, Nutella.) And while some of these reveal a hilarious level of competency, the real-life ramifications of crappy passwords can be disastrous – as the recent Facebook hack that left the location and search history of 14 million users highlights.

As Dashline CEO Emmanuel Schalit points out: “Passwords are the first line of defense against cyberattacks.”

Related Stories
boook svgItaly Has Just Banned ChatGPT
boook svg"Lightest Paint In The World" Could Make Large Pots Of Paint Obsolete
boook svgAI Researcher Calls For All AI Experiments To Be Shut Down Immediately

And so, starting at number 10.

  1. 10. University of Cambridge

  2. When someone dropped a plaintext password on GitHub, they left the data of millions of people being studied by University of Cambridge researchers through the Facebook quiz app “myPersonality” vulnerable. This even included data pertaining to psychological test results.

  3. 9. United Nations

  4. Staff at the UN use systems like Trello, Jira, and Google Docs to collaborate. That wouldn’t be a problem – except for the fact that many forgot to protect those Very Important files with a secure password or, indeed, any password at all. This means anyone with the correct link could access extremely sensitive internal data and international communications. If you don’t laugh, you'll cry.

    1. 8. Google

    You might think that one of the world’s biggest tech companies knows a thing or two about security in the digital age. But earlier this year an engineering student from Kerala, India, successfully hacked into the company and managed to gain access to a TV broadcast satellite. All he had to do was log into the Google admin pages on his cell phone with a blank username and password.

  6. 7. White House Staff

  7. Last year, Trump earned the top spot on the list to become “2017’s Worst Password Offender”, making the inclusion of the White House on this year’s list (depressingly) predictable. The specific cybersecurity crime responsible for putting the WH at number seven is the actions of one staffer, who wrote down his email login and password on official (and embossed) stationary – which he then left at a Washington DC bus stop.

  8. 6. Texas

  9. Seventy-seven percent of voter records – that is 14 million Texans – were left exposed on a server that had not been password protected, meaning information like addresses and voting history were left out in the open.

  10. 5. UK Law Firms

  11. More than 1 million corporate email and password combinations from 500 of the UK's top law firms were left (in plaintext) on the dark web. 

  12. 4. Nutella

  13. The chocolate-hazelnut spread company should stick to what it knows best, confectionary. And it should steer far away from cybersecurity matters after suggesting fans of the product use "Nutella" as their password – on World Password Day.

  14. 3. Cryptocurrency Owners

  15. In January, the value of Bitcoin crashed with many cryptocurrency owners scrambling to get their money out before it dropped any further. Only many had forgotten their passwords, meaning their newfound wealth is now stuck in digital limbo.

  16. 2. The Pentagon

  17. The HQ for the United States Department of Defense made the list (again) following a Government Accountability Office (GAO) audit, which found that the software for multiple weapon systems were protected by default passwords. What's more, the GAO team was able to guess admin passwords in just 9 seconds. 

  18. 1. Kanye West

  19. Even more infamous than Kanye's visit to the White House in October is his scandalous disregard for cybersecurity. Not only is his password extremely easy to guess (000000), the whole world now knows exactly what it is thanks to the hoards of TV crews who captured the rapper unlocking his iPhone on camera.

technologyTechnology
  • tag

  • top 10,

  • technology,

  • 2018,

  • cybersecurity,

  • passwords


technology

More Technology Stories

Italy Has Just Banned ChatGPTOPEN AI ChatGPT chat bot seen on smartphone placed on laptop. AI chatbot responded to the question about computers and creativity.
technologyTechnology

Italy Has Just Banned ChatGPT

clockMar 31 2023
comments3
share180
"Lightest Paint In The World" Could Make Large Pots Of Paint Obsoletepaint pots
technologyTechnology

"Lightest Paint In The World" Could Make Large Pots Of Paint Obsolete

clockMar 30 2023
comments4
share360
AI Researcher Calls For All AI Experiments To Be Shut Down ImmediatelyElon Musk, in a suit.
technologyTechnology

AI Researcher Calls For All AI Experiments To Be Shut Down Immediately

clockMar 30 2023
comments5
share7.1k