Cybersecurity can seem complicated, but an easy way to prevent being hacked, experts say, is to make sure you have a strong password.
Unfortunately, a lot of people don’t. Even big companies and government departments fail at making sure their passwords are secure.
And the worst password offender of all, according to a New York City-based digital security company? The commander in chief himself, President Donald Trump.
Dashlane, a digital security company and password manager, released on Thursday its “Worst Password Offenders” of 2017 list, a ranking of high-profile people and big companies that experienced some of the “most significant password-related blunders” of the year.
“While the violators on this list vary, they all showcase that common password mistakes can cause great embarrassment and economic loss, and that the aftermath of a breach can often be prevented,” the company said in a release. “Most people make the same simple errors that these offenders made, such as using weak passwords or reusing passwords for multiple accounts.”
Trump landed in the number one spot of the ranking “for good reason,” Dashlane noted, but somewhat surprisingly, not for anything related to his Twitter account. Rather, it’s how his entire approach to cybersecurity falls short, even as he’s ordered new security efforts.
“For starters, a January investigation by UK outlet Channel 4 News exposed that many of the top staff members Trump handpicked, including multiple cabinet secretaries, senior policy directors – even cybersecurity advisor Rudy Giuliani – were reusing unsecure, simple passwords,” Dashlane explains. “This revelation is not to be taken lightly, and signals that a president who touts his cybersecurity prowess may have added numerous cyber vulnerabilities to the nation's highest office.”
It came out this year that Trump Organizations sites have been compromised by hackers for a while, and many experts have noted how the president’s favorite hangout Mar-a-Lago is an easy target for hackers.
Plus, Trump is connected to other password offenders on the list: the Republican Party (which came in at 5), Paul Manafort (number 7) and Sean Spicer (number 10), who tweeted out to the world what many thought was his own password.
Consumer credit report agency Equifax came in at number two on Dashlane’s ranking due to the hacks that breached millions of people's’ personal information. Though the exact causes of those security breaches aren’t known, Dashlane writes that “it's clear that Equifax's egregious password practices put the personal information of millions around the world at risk.”
And it’s not just U.S. government officials who are bad at passwords. The U.K. Government also made the list at number three for a pretty cliche reason: the most common password among officials was “password.” That practice led to a breach involving Russian hackers.
Here’s Dashlane’s full ranking of the 10 worst password offenders of 2017:
1. Donald Trump
3. U.K. Government
4. Department of Defense
5. Republican Party
10. Sean Spicer