1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Here are 2018's "worst password offenders"

By midian182 · 12 replies
Dec 13, 2018
Post New Reply
  1. The company says the average internet user has over 200 digital accounts that require passwords and predicts that this number will double to 400 in the next five years, which can lead to using simple passwords and the same credentials across multiple sites—all the more reason to turn to password managers.

    Here are Dashlane’s top ten password fails of 2018:

    1. Kanye West: The rapper tops the lists after he was famously captured entering the passcode ‘000000’ into his iPhone during a meeting with Donald Trump. Bad enough he used that terrible code, but typing it in while the world watched was a particularly ill-advised move.

    2. The Pentagon: One might imagine that the Department of Defense would enforce strict password hygiene, but that was far from the case. An audit team was able to guess admin passwords in just nine seconds and discovered that multiple weapons systems were protected by passwords that could be found through a Google search.

    3. Cryptocurrency owners: Back when crypto was booming, there were numerous reports of owners looking to cash out who had forgotten the password to their digital wallets. Some even resorted to hypnosis to try and remember them.

    4. Nutella: On World Password Day, of all days, the company encouraged its Twitter followers to change their passwords to “Nutella.” Maybe it should stick to making delicious chocolate spread.

    5. UK Law firms: Researchers discovered email and password combinations from 500 of the country's top law firms on the dark web, most of which were stored in plain text.

    6. Texas: Over 14 million of the state’s voter records were exposed on a server that wasn't password protected. Sensitive information including addresses and voter history was left vulnerable by the blunder.

    7. White House Staff: Never write your email and password down on stationary, and don’t leave said document at a Washington D.C. bus stop, like one White House staffer did this year.

    8. Google: An engineering student from Kerala, India hacked a Google page and got access to a TV broadcast satellite earlier in 2018. How did he do it? Logging in to the Google admin pages on his mobile by using a blank username and password, that's how.

    9. United Nations: Allways password protect documents, especially if working for the UN. Staff forgot to do this for many Trello, Jira, and Google Docs, allowing anyone with the right link to access secret plans, international communications, and plaintext passwords.

    10. University of Cambridge: A plaintext password left on GitHub allowed anyone to access the data of millions of people being studied by the university's researchers. The data was being extracted from the Facebook quiz app myPersonality and contained the personal details of Facebook users, including intimate answers to psychological tests.

    Permalink to story.

    Last edited: Dec 13, 2018
  2. Uncle Al

    Uncle Al TS Evangelist Posts: 5,390   +3,779

    You know, this is the sort of thing that just defies common sense or any kind of fundamental intelligence. Perhaps we need to devise a National Test in order to get access to the internet. You know, something like a drivers license written exam so only those that shows enough intelligence to do the basic's can have the access with the reason being to protect us from those that would otherwise have to be removed through the normal gene pool cleansing .......
    btfsttg likes this.
  3. petert

    petert TS Evangelist Posts: 359   +157

    I bet he did not change it and still has the same code
    JamesSWD likes this.
  4. petert

    petert TS Evangelist Posts: 359   +157

    Sorry, I think this should be number 1. All sorts of people are interested in wreaking havoc in US due to its external politics in the last 50 years. Not to mention that US has its own lunatics living to hurt other Americans. With Pentagon, I guess we can expect in the future to see entire US cities sent to Walhalla with own US weapons. And, in true American fashion, the culprit will run for presidency in 10 years time and win ...
  5. MonsterZero

    MonsterZero TS Evangelist Posts: 566   +323

    #8 - is it really "hacking" if the username and password is blank?
    btfsttg and Nchalada like this.
  6. G0DofPaiN

    G0DofPaiN TS Addict Posts: 78   +58

    Exploit based on bad written code..I think it's still considered hacking.
  7. Cal Jeffrey

    Cal Jeffrey TS Evangelist Posts: 1,769   +428

    Don't worry about Kanye. Immediately after that meeting he changed his password.

    I'd try 888888 now.
    wildrage and Evernessince like this.
  8. Mighty Duck

    Mighty Duck TS Addict Posts: 151   +81

    Don't be harsh. He probably added a couple of zeros.
  9. texasrattler

    texasrattler TS Evangelist Posts: 723   +285

    Kanye must be the dumbest person in the world. It's sad he's even famous or that people would even want to watch him. This also shows how dumb his wife Kim must be, she married him.
    I wonder when we find out that the first kid isn't even Kanye's. He probably already knew and didn't care. He just wanted the porn star cause I'm sure not many wanted him.

    So sad that the Pentagon, White House and Google are on the same list as Kanye. In the words of Homer Simpson, DOH.
  10. Godel

    Godel TS Addict Posts: 173   +88

  11. treetops

    treetops TS Evangelist Posts: 2,565   +550

    Ah good ol humans, we are our own biggest security threat.
  12. theruck

    theruck TS Booster Posts: 145   +39

    Well done techspot again!
    your biggest concern is someones iphone password over the pentagon.
    it just reflects what a gossip portal you became
  13. fktech

    fktech TS Maniac Posts: 526   +138

    I like 12345678

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...