Home Crypto Worst Password Awards

Worst Password Awards

by S. Jack Heffernan Ph.D

Ahead of World Password Day, Dashlane shares its first-ever, mid-year Worst Password Awards—a reminder of how easy it is to make a password faux pas, even when we think we’re protected. Dashlane champions the awareness that World Password Day brings for creating strong and unique passwords for every account, but unfortunately the “holiday” is not always a cause for celebration. As data breaches continue to make headlines, it’s clear that people and businesses need more education and easy-to-use tools that align with their online behaviors in order to pass the cybersecurity test.

  1. Worst Internship: SolarWinds. The last thing any company needed as 2020 came to a close was news of a massive breach that had gone undetected for months. Yet that’s exactly what happened to SolarWinds, a major IT firm used by everyone from top U.S. government agencies to Microsoft, when news hit that hackers added malicious code in software, giving them remote access to customer networks and data. To make matters worse, in February 2021, both current and former SolarWinds execs blamed an intern for using the entirely-all-too-insecure password solarwinds123, which was leaked online. We’d make a comment here, but Rep. Katie Porter said it best: “I’ve got a stronger password than ‘solarwinds123’ to stop my kids from watching too much YouTube on their iPad.”
  2. Most Likely to Win the Lottery and Lose the Ticket: Bitcoin Users Who Forgot Their Passwords. Password pitfalls cost so much—time, energy, user data, company reputation, $220 million. HODL up. That’s right, as cryptocurrency soared, bitcoin users were locked out of both their wallets and potential fortunes due to forgotten passwords. People—Post-its get lost, built-in browser storage doesn’t work everywhere, and you shouldn’t leave the keys to your online kingdom up to memory. Password managers are the most secure, universal solution, not to mention a lifesaver in instances like these.
  3. Most Surprising: Local and Government Services. The hack of a Florida water plant and phishing attack at a California State Controller’s Office are just some of the recent examples highlighting the challenges public sector organizations face when it comes to cybersecurity. Unfortunately, our tax dollars don’t always get invested in effective defenses, making local (and national, for that matter) government services an easy target for bad actors. In California, state workers fell for a phishing email that targeted at least 9,000 contacts, giving hackers access to social security numbers and other sensitive information. Meanwhile in Florida…hackers gained remote access to the treatment plant’s system and tried to poison the water—making stronger cybersecurity practices a matter of public health and safety.
  4. Most Avoidable: Verkada. Hacks are often more widespread than you think, as a recent one at cloud-based enterprise security camera system Verkada showed. After an international hacker collective breached its systems with a username and password found on the internet, they accessed Verkada customer cameras, which ranged from the Technoking of Tesla’s factories and warehouses to Equinox gyms, hospitals, jails, and schools. It’s unlikely Musk will mock this in his upcoming SNL monologue—avoidable data breaches are no laughing matter.
  5. Most Predictable: COMB. Not what you use to brush your luscious locks but rather the “Compilation of Many Breaches.” As bad as it sounds, COMB is the result of an online hacking forum posting over three billion unique emails and passwords gathered from past leaks at Netflix, LinkedIn, Bitcoin, and more. With 4.7 billion people online, COMB included the data of nearly 70% of global internet users! Both predictable and painful (are you listening? Don’t reuse your passwords!).

“We all know we should practice better password hygiene, but as these examples show, we’re only human. Passwords are a human problem even more than a technology one, and despite the risks, it can be hard to get people to change their behaviors,” said JD Sherman CEO of Dashlane. “That’s why everybody should use a password manager like Dashlane—it’s an easy-to-use tool to manage and eliminate security risks proactively for both people and businesses.”

Extra Credit: Tips for A+ Security At Home, Work, or Anywhere in Between

  • Use random and different passwords for every account: Hackers can use passwords from compromised accounts to easily access other accounts. The only protection against this is to have random and different passwords for every account. Random keeps you secure.
  • Turn on two-factor authentication (2FA): 2FA is a feature that adds an additional “factor” to your normal login procedure to verify your identity: something you know (your password, PIN number, zip code, etc.), something you are (via facial recognition, your fingerprints, retina scans, etc.), or something you have (a smart card, your smartphone, etc.). Most apps or websites will verify you via an email or a text message sent to your phone.
  • Get a password manager. Now. Ditch whichever patented password management “method” you’re currently using. A password manager is literally the only way to safely and conveniently manage wildly complicated and unique passwords for an unlimited number of accounts, while providing automatic logins and secure autofill of personal and payment information.
  • Sign up for free breach alerts. Dashlane helps you learn what to do if your information has been compromised. Dashlane’s Breach Center will alert you if any of your data is found on the Dark Web, and keep an eye out for breaches that may affect you in the future.

About Dashlane
Dashlane is a web and mobile app that simplifies password management for people and businesses. We empower organizations to protect company and employee data, while helping everyone easily log in to the accounts they need—anytime, anywhere. A better digital future starts with secure access.

Our team in Paris, New York, and Lisbon is united by a strong sense of community and passion for improving the digital experience. Over 15 million users and 20,000 businesses in 180 countries use Dashlane for a faster, simpler, and more secure internet.

You may also like

logo-white

Your Trusted Source for Capital Markets & Related News

© 2024 LiveTradingNews.com – For The Traders, By The Traders – All Right Reserved.

The information contained on this website shall not be construed as (i) an offer to purchase or sell, or the solicitation of an offer to purchase or sell, any securities or services, (ii) investment, legal, business or tax advice or an offer to provide such advice, or (iii) a basis for making any investment decision. An offering may only be made upon a qualified investor’s receipt not via this website of formal materials from the Knightsbridge an offering memorandum and subscription documentation (“offering materials”). In the case of any inconsistency between the information on this website and any such offering materials, the offering materials shall control. Securities shall not be offered or sold in any jurisdiction in which such offer or sale would be unlawful unless the requirements of the applicable laws of such jurisdiction have been satisfied. Any decision to invest in securities must be based solely upon the information set forth in the applicable offering materials, which should be read carefully by qualified investors prior to investing. An investment with Knightsbridge is not suitable or desirable for all investors; investors may lose all or a portion of the capital invested. Investors may be required to bear the financial risks of an investment for an indefinite period of time. Qualified investors are urged to consult with their own legal, financial and tax advisors before making any investment. Knightsbridge is a private investment firm that offers investment services to Qualified Investors, Members and Institutions ONLY. Qualified Investors are defined as individuals who have met those Qualifications in the relevant jurisdictions. Members are defined as individuals who have been accepted into the Knightsbridge membership program. Institutions are defined as entities such as banks, pension funds, and hedge funds. If you are not a Qualified Investor, Member or Institution, you are not eligible to invest with Knightsbridge. All investments involve risk, and there is no guarantee of profit. You may lose some or all of your investment. Past performance is not indicative of future results. Knightsbridge is not a registered investment advisor, and this disclaimer should not be construed as investment advice. Please consult with a qualified financial advisor before making any investment decisions. By accessing this website, you agree to the terms of this disclaimer. Thank you for your interest in Knightsbridge.
CLOSE