Zuckerberg & Password Strength

Mark ended up changing his LinkedIn password to "dadada" because he couldn’t remember what it was in the first place. Not only is this a rubbish password, it is also one that he used on multiple platforms, including the Facebook-owned Instagram.

First Published 8th June 2016

Mark is human after all.

4 min read  |  Reflare Research Team

Complex passwords are necessary for every user, including famous ones such as Mark Zuckerberg, the founder of Facebook. It's arguably even more important for celebrities and high-level users because they can be a main target for hackers. Recently, Mark Zuckerberg was the victim of the LinkedIn hack, not only because his password was not complex but also because he used the same insecure password across multiple platforms.

The LinkedIn hack was already reported last week, and the encrypted passwords have been available since 2012. When encrypted passwords are obtained, hackers attempt to crack them. Depending on a password's complexity, the time it takes to crack a password can range from a few seconds to a few days to trillions of years. The poorly secured passwords are cracked first, and then hackers test them across other platforms.

In Mark Zuckerberg's case, he used an extremely poor password of "dadada." It's possible that Zuckerberg thought the account was a throwaway and wasn't important, but this example shows what can happen when one poor password is used across several platforms. Once the attackers had this password, they were able to use it on other social media platforms. It's this type of attack that is common when passwords are leaked to the public.

The Mark Zuckerberg attack reminds us of the dangers of password re-use. Users commonly use one password across multiple accounts. Users only want to remember one password since most networks require high password complexity. They use the same password to make it convenient to remember, and then they end up leaving several platforms vulnerable when the one password is leaked or cracked.

While it is inconvenient to remember several different passwords, there are several alternative solutions. The first is to use password manager software to store and remember credentials. This approach means that you will only need to remember one strong master password, which is then used to encrypt randomly generated passwords for all your different accounts.

The second approach is to use techniques that generate easy-to-remember yet complex passwords: use the first letter of each word in a sentence, or chain several words together.
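Both techniques, set against the search space of "dadada", as an added example that is not part of the original article. The function names, the 16-word sample list, the sample sentence and the guessing rate are assumptions made for illustration.

```python
import math
import secrets

# Constructed 16-word sample list (4 bits per word). Use a list of several
# thousand words in practice so that each word contributes more entropy.
WORDS = ["anchor", "breeze", "candle", "delta", "ember", "falcon", "garden", "harbor",
         "island", "jungle", "kettle", "lantern", "meadow", "nectar", "orbit", "pepper"]

GUESSES_PER_SECOND = 1e10  # assumed offline guessing rate, not a figure from the article


def brute_force_bits(password):
    """Upper bound in bits: length * log2(size of the character classes used).
    Dictionary and pattern attacks find repetitive strings far sooner."""
    pool = 0
    pool += 26 if any(c.islower() for c in password) else 0
    pool += 26 if any(c.isupper() for c in password) else 0
    pool += 10 if any(c.isdigit() for c in password) else 0
    pool += 33 if any(not c.isalnum() for c in password) else 0
    return len(password) * math.log2(pool) if pool else 0.0


def seconds_to_exhaust(bits, rate=GUESSES_PER_SECOND):
    """Time to try every candidate in a space of 2**bits at the given rate."""
    return 2 ** bits / rate


def mnemonic(sentence):
    """First letter of each word; all-digit tokens are kept whole."""
    return "".join(w if w.isdigit() else w[0] for w in sentence.split())


def passphrase(n_words=5, wordlist=WORDS, sep="-"):
    """Chain words picked with a CSPRNG (secrets), never the random module."""
    return sep.join(secrets.choice(wordlist) for _ in range(n_words))


def passphrase_bits(n_words, wordlist_size):
    """Entropy of a randomly chosen passphrase: n_words * log2(list size)."""
    return n_words * math.log2(wordlist_size)


if __name__ == "__main__":
    for label, pw in [("reused", "dadada"),
                      ("mnemonic", mnemonic("My first car was a red Honda bought in 2009"))]:
        bits = brute_force_bits(pw)
        print(f"{label:9} {pw:15} <= {bits:5.1f} bits, {seconds_to_exhaust(bits):.3g} s")
    print("chained  ", passphrase(), f"{passphrase_bits(5, len(WORDS)):.1f} bits (sample list)")
```

The bit counts for typed passwords are upper bounds; only the randomly chosen passphrase has entropy that can be stated exactly, and it grows with both the word count and the size of the list.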

Having a complex and unique password is one of the most important things any user can do to protect the security of the accounts they use.
