The topic of password strength is always a top security concern, but now it has crept into the world of Disney. Seems a lot of folks dipped into their favorite Disney terms when picking passwords and the hackers of the world were a few steps ahead. (As always.)
Is your favorite princess your Disney+ password?
So when Disney+ launched, many users and fans of Disney thought it wise to use Disney or Disney princess-related terms as their Disney+ passwords. Trouble is that hackers always seem to be two steps ahead of the general public. Within just a few days of signing up, many users found their accounts hacked, logins stolen and in some cases, access to their accounts sold.
So how bad is it?
According to this recent blog post from Mozilla, the graphic above shows many times the 12 Disney princesses showed up in breached datasets, according to haveibeenpwned.com. The password “jasmine” was used by almost 200,000 account holders. Sorry Jasmine, this is a popularity contest you don’t want to win.
In the graphic below, they report the number of times certain terms that a dedicated Disney fan might choose when selecting a password. The term “princess” was used by almost half a million account holders.
Why the fuss about passwords?
The reason security experts raise concerns about passwords is that many people use the same passwords across multiple logins. So your princess password that may have been hacked from your Disney+ account may also be the password for banking and other financial institutions. Hackers steal one set of passwords (like e-commerce retailers) with the goal of then using the login credentials to make login attempts at sites with higher payoffs (like banks).
Not only do princesses make bad passwords, but so do the names of your pets and your kids. Make your password long and make it strong! We recommend:
- Using different passwords for each and every login.
- Using strong passwords with combinations of lower case and upper case letters, numbers and symbols.
- Using long passwords of 16-20 or more digits whenever possible.
- Using a browser to store your passwords such as Firefox or Apple’s built-in Keychain for Safari.
- Passing on those social media quizzes that ask about your first concert, first pet, etc. as those are often website security questions.
- Using two-factor authentication on every site that offers it, ideally with an authenticator app such as Microsoft Authenticator.
- And whatever you do, don’t write your passwords down on a stickie note on your desk!
We can help!
At Trivessa, we do websites, graphic design, marketing and more. We have extensive experience in IT security and can assist you in setting up a more secure online environment for your home or office. We offer a free, no obligation consultation. Give us a call, send us an email, or schedule a time to chat directly on our calendar.