The Year’s Worst Password Offenders

Morgan O'Rourke


February 1, 2019

kanye west passwordRapper Kanye West topped Dashlane’s list of the worst password offenders of 2018, which spotlights the high-profile individuals and organizations that made the most significant password-related mistakes during the year.

West’s blunder came in a televised meeting in the Oval Office with President Trump where he was seen unlocking his iPhone with the extremely weak passcode ”00000.”

Second on the list was the Pentagon, where a Government Accountability Office audit found a number of cybersecurity vulnerabilities, including easy-to-guess administrative passwords and multiple weapons systems protected only by default passwords.

Other offenders included Nutella, which encouraged all of its Twitter followers to change their passwords to “Nutella”—on World Password Day, no less—and the state of Texas, which left more than 14 million voter records exposed on a server that did not have any password protection.

Dashlane urged users to learn from the mistakes of these offenders by password-protecting all their accounts; using strong passwords that contain more than eight characters and a mix of letters, numbers and symbols; and never reusing passwords on any of their accounts.

Morgan O’Rourke is editor in chief of Risk Management and director of publications for the Risk & Insurance Management Society, Inc. (RIMS)