The Worst Password Ever

Are you feeling a bit insecure about the strength of your online passwords? If so, then you’re certainly not alone. Most of us don’t use the random strings of capital letters, small letters, numbers, and punctuation marks that security experts always recommend. Likewise, most of us don’t bother to change our passwords on a regular basis.

But if you’re worried that one of your choices might have earned the title of Worst Password Ever, please banish that concern from your mind. That particular title appears to have been earned by — of all people — Mark Zuckerberg, the Chief Executive Officer of Facebook.

Why? A few years ago, Zuckerberg established the password dadada for his LinkedIn account. Then he used the same password for at least three other major social media accounts. And he never updated that choice, even though LinkedIn subsequently announced that the passwords of more than six million users were accessed by cyber-hackers.

How do we know this? Because someone recently used his LinkedIn password to take over his accounts. The hackers did no damage, other than embarrassing the founder of the world’s largest social media network.

Even if his LinkedIn password had not been stolen, a password like dadada would have been easy to guess. After all, Zuckerberg and his wife have been eager to post photographs of their new children on Facebook. A hacker could easily surmise that these children might call their father dada.

So what insights can be gleaned from this news story? The obvious one, of course, is that we should all take password security very seriously. Especially those of us who haven’t changed our LinkedIn passwords for several years!

But a more subtle insight involves the inherent insufficiency of our internet security system. If it is so burdensome that one of the world’s most successful internet entrepreneurs cannot compel himself to take it seriously, what chance do any of us have to manage it well?

Nevertheless, for most of us, a password based security system is our only option. So perhaps, every once in a while, we might choose to take a moment to update a password or two.

When should we start? Well … why not right now?