I Miss the 000000ld Kanye: West Tops Dashlane's List of 2018's "Worst Password Offenders"

NEW YORK, Dec. 12, 2018 /PRNewswire/ -- Dashlane today announced its third annual list of the "Worst Password Offenders." The list highlights the high-profile individuals and organizations that had the most significant password-related blunders in 2018.

"Passwords are the first line of defense against cyberattacks," said Emmanuel Schalit, CEO of Dashlane. "Weak passwords, reused passwords, and poor organizational password management can easily put sensitive information as risk."

Dashlane found that the average internet user has over 200 digital accounts that require passwords, and the company projects this figure to double to 400 in the next five years. "The sheer number of accounts requiring passwords means everyone is prone to make the same mistakes as the Password Offenders," states Schalit. "We hope our list serves as a wake-up call to everyone to follow the best password security practices."

Dashlane's "Worst Password Offenders" of 2018, beginning with the worst:

    1. Kanye West: Kanye is no stranger to controversy and attained even more
       notoriety this year when he was captured unlocking his iPhone with the
       passcode "000000" during his infamous meeting at the White House. Having
       a weak passcode is risky enough, but brazenly flaunting poor password
       practices in a room full of TV cameras is as bad as it gets. To put it
       gently, Kanye needs to lockdown his passwords and make them better,
       faster, stronger.


    2. The Pentagon: It's a shame that the Department of Defense holds the #2
       spot this year (up two spots from #4 in last year's list), but a
       devastating audit by the Government Accountability Office (GAO) found
       numerous cybersecurity vulnerabilities in several of the Pentagon's
       systems. Among the disturbing issues was that a GAO audit team was able
       to guess admin passwords in just nine seconds, as well as the discovery
       that software for multiple weapons systems was protected by default
       passwords that any member of the public could have found through a basic
       Google search.


    3. Cryptocurrency owners: As the value of cryptocurrencies reached record
       levels at the beginning of the year, scores of crypto owners had the
       potential to cash out--if they could remember their passwords. The news
       cycle was rife with reports of people resorting to desperate measures
       (including hiring hypnotists) to attempt to recover/remember the
       forgotten passwords to their digital wallets.


    4. Nutella: Nutella came under fire for giving some of the nuttiest password
       advice of the year as the beloved hazelnut-and-chocolate spread company
       encouraged its Twitter followers to use "Nutella" as their password. As
       if the advice wasn't bad enough, the company sent out the ill-advised
       tweet to celebrate World Password Day.


    5. U.K. Law Firms: Researchers in the United Kingdom found over one million
       corporate email and password combinations from 500 of the country's top
       law firms available on the dark web. Making matters worse, most of the
       credentials were stored in plaintext.


    6. Texas: Everything is bigger in Texas, including the cybersecurity gaffes.
       The Lone Star State left over 14 million voter records exposed on a
       server that wasn't password protected. This blunder meant that sensitive
       personal information from 77% of the state's registered voters, including
       addresses and voter history, was left vulnerable.


    7. White House Staff: Last year, two White House officials made our list:
       President Trump took the (un)coveted title of 2017's Worst Password
       Offender for a variety of poor cybersecurity habits, while Sean Spicer
       was included for tweeting his password. This year they passed the baton
       to another staffer who made the mistake of writing down his email login
       and password on official White House stationery. This mistake was
       exacerbated as he accidentally left the document at a Washington, D.C.
       bus stop.


    8. Google: The search engine giant has historically been buttoned up in
       terms of cybersecurity, but this year, an engineering student from
       Kerala, India hacked one of their pages and got access to a TV broadcast
       satellite. The student didn't even need to guess or hack credentials; he
       logged in to the Google admin pages on his mobile device in using a blank
       username and password.


    9. United Nations: The organization tasked with maintaining international
       peace has a security problem. U.N. staff were using Trello, Jira, and
       Google Docs to collaborate on projects, but forgot to password protect
       many of their documents. This meant anyone with the correct link could
       access secret plans, international communications, and plaintext
       passwords.
    10. University of Cambridge: A plaintext password left on GitHub allowed
        anyone to access the data of millions of people being studied by the
        university's researchers. The data was being extracted from the Facebook
        quiz app myPersonality and contained the personal details of Facebook
        users, including intimate answers to psychological tests.

Learn from the mistakes of this year's Password Offenders:

    1. Password protect all accounts: Whether it's a server, email account, or
       an app, you should always secure your data with passwords as they're the
       first, and often only, line of defense between hackers and your personal
       information.


    2. Use strong passwords: Never use passwords that are easy to guess or that
       contain names, proper nouns, or things people can easily research about
       you--like your favorite hazelnut spread! All your passwords should be
       longer than eight characters and include a mix of random letters,
       numbers, and symbols. Even better, use a password generator to come up
       with them for you.
    3. Never reuse passwords: Every one of your accounts needs a unique
       password. The risk in password reuse is that hackers can use passwords
       from compromised accounts to easily access other accounts. The only
       protection against this is to have a different password for every
       account.

About Dashlane
Dashlane simplifies and secures your digital identity--all your personal information that lives online. Across all platforms and devices, the intuitive Dashlane app automatically fills and stores passwords, personal data, and payment details to help you manage, monitor, and protect your digital identity. Available in 11 languages and trusted by 10+ million people in 180 countries (and growing), it's the complete, global solution for living safely and seamlessly online--at home, at work, and everywhere in between.

With offices in New York City, Paris, and Lisbon, Dashlane has raised over $70 million in venture funding to create a safe and effortless solution for all citizens of the digital world. Learn more at dashlane.com.

View original content to download multimedia:http://www.prnewswire.com/news-releases/i-miss-the-000000ld-kanye-west-tops-dashlanes-list-of-2018s-worst-password-offenders-300762767.html

SOURCE Dashlane