{"id":63022,"date":"2019-11-14T00:00:00","date_gmt":"2019-11-14T00:00:00","guid":{"rendered":"http:\/\/blog.mozilla.org\/foxtail\/2019\/11\/14\/pop-culture-bad-passwords\/"},"modified":"2021-02-03T02:43:11","modified_gmt":"2021-02-03T02:43:11","slug":"pop-culture-bad-passwords","status":"publish","type":"post","link":"https:\/\/blog.mozilla.org\/en\/internet-culture\/deep-dives\/pop-culture-bad-passwords\/","title":{"rendered":"Here’s why pop culture and passwords don\u2019t mix"},"content":{"rendered":"

Were they on a break or not?! For nearly a decade, Ross and Rachel\u2019s on-screen relationship was a point of contention for millions of viewers around the world. It\u2019s no surprise to learn that years after the series finale, they are not only TV\u2019s most beloved characters, but their names are popular account passwords, too. That\u2019s right. More than thousands of internet users love Rachel, Monica, Joey, Chandler, Ross and Phoebe enough to use their names as passwords.<\/p>\n

Wondering about trends, we turned to haveibeenpwned (HIBP) \u2014 the website that aggregates data from known breaches \u2014 for pop culture favorites. (Firefox Monitor<\/a> draws from HIBP to help people learn if they\u2019ve been caught up in a data breach and take steps to protect themselves.)<\/p>\n

We couldn\u2019t access any data files, browse lists of passwords or link passwords to logins \u2014 that info is inaccessible and kept secure \u2014 but we could look up random bad passwords manually on HIBP<\/a>. It turns out, quite a lot of sitcom and sports fans are using pop culture passwords for their accounts. These bad passwords are not only weak, they have also been breached. Here\u2019s what we spotted.<\/p>\n

No soup for these friendly passwords<\/h2>\n

A sage man once said, \u201cRemember Jerry, it\u2019s not a lie if you believe it.\u201d Well, no matter how much you believe your password is secure, if you\u2019re using a sitcom character, it definitely isn\u2019t. Unfortunately, that didn\u2019t stop more than 230,000 people from using George<\/i> as their bad passwords. Topping the Friends list, more than 130,000 internet users love Rachel<\/i> enough to use her name as a bad password.<\/p>\n

\"Bad<\/a><\/p>\n

Meanwhile Ross<\/i> is at the bottom of the group with 6,643. The fact that a simple, four-letter password is being used by so many breached accounts is uglier than naked guy. If this sounds like you, maybe it\u2019s time to update your password to something more complex like FestivusfortheRestofUs!12181997<\/a>, as it\u2019s been breached zero times.<\/p>\n

Sports and passwords make a weak combination<\/h2>\n

Sports fans are arguably the most passionate in the world. It\u2019s easy to see why fans love incorporating their favorite sports into their passwords, but unfortunately they\u2019re on the losing team when it comes to security. If you\u2019re using these bad passwords, it\u2019s time for a substitution.<\/p>\n

\"\"<\/a><\/p>\n

The United States of hackable passwords<\/h2>\n

State pride is a real thing. From food to music to scenery, we all think our state is the best. Or wildest. (Looking at you Florida.) But these predictable, bad passwords border on being to the worst.<\/p>\n

\"\"<\/a><\/p>\n

What\u2019s wrong with these passwords?<\/h2>\n

All of these bad passwords are much too basic and can be easily guessed. Not only that, if you\u2019re the kind of person who uses george<\/i>, newyork<\/i> or football<\/i> for your password, you might be the kind of person who has also reused it. That\u2019s especially bad news since all of these passwords were part of known data breaches.<\/p>\n

Here\u2019s how to improve your password game<\/h2>\n

Stop reusing passwords<\/h3>\n

We can\u2019t state this enough: don\u2019t reuse or recycle passwords. Once someone has your password, they can try to use it on multiple sites. Sorry friends, but adding a 1 or ! to your password doesn\u2019t make it more secure. If your banking password is the same as your email password and the same as your Amazon password, a single vulnerability in one site puts them all at risk. Are you reading this Equifax<\/a>?<\/p>\n

Get a password manager<\/h3>\n

If you have Forgot password<\/b> on speed-click, a password manager is your new best friend. A good one keeps track of all of your passwords and generates new passwords so you can keep them strong. Hooray! It should rely on end-to-end encryption, which is code for scrambling your information so that nobody \u2014 including the company that makes the password manager \u2014 knows what\u2019s inside.<\/p>\n

Portable passwords are standard on Firefox Lockwise<\/a> with a Firefox account<\/a>, so you can get your unique, strong passwords on your computer, phone and other devices. Plus, it\u2019s free!<\/p>\n

Complicate your #@*Njub&*6! passwords<\/h3>\n

If you need fresh password inspiration or don\u2019t have a password manager, you can use this password creation guide from Mozilla.<\/a> Pro tip: Lockwise also suggests complex passwords when you create a new login within Firefox.<\/a><\/p>\n

Monitor your accounts<\/h3>\n

Back in the day you could get away with adding numbers to make your password unique enough but like your credit score, you have to monitor it regularly to make sure it\u2019s secure. Keep an eye on your accounts by signing up for Firefox Monitor<\/a> to get alerted to data breaches. Do that, and you\u2019re already ahead of the pack.<\/p>\n

\"\"<\/a><\/p>\n

\n

How did we get these numbers?<\/i><\/b> We looked them up in <\/i>haveipbeenpwned.com<\/i><\/a>. For the sitcom and state lists, we looked up the terms with all lowercase and first letter uppercase. For the sport list, we looked up all lowercase. Current numbers on the site may be higher than at time of publication as new datasets are added to HIBP because sadly, data breaches continue to occur. <\/i><\/p>\n","protected":false},"excerpt":{"rendered":"

Were they on a break or not?! For nearly a decade, Ross and Rachel\u2019s on-screen relationship was a point of contention for millions of viewers around the world. It\u2019s no surprise to learn that years after the series finale, they are not only TV\u2019s most beloved characters, but their names are popular account passwords, too. […]<\/p>\n","protected":false},"author":727,"featured_media":52402,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[464058],"tags":[],"coauthors":[],"acf":[],"yoast_head":"\nHere's why pop culture and passwords don\u2019t mix<\/title>\n<meta name=\"description\" content=\"If you're using your favorite sport, sitcom or state as your passwords, 1) you're not alone, and 2) you need to change them.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.mozilla.org\/en\/internet-culture\/deep-dives\/pop-culture-bad-passwords\/\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.mozilla.org\/en\/internet-culture\/deep-dives\/pop-culture-bad-passwords\/\",\"url\":\"https:\/\/blog.mozilla.org\/en\/internet-culture\/deep-dives\/pop-culture-bad-passwords\/\",\"name\":\"Here's why pop culture and passwords don\u2019t mix\",\"isPartOf\":{\"@id\":\"https:\/\/blog.mozilla.org\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/blog.mozilla.org\/en\/internet-culture\/deep-dives\/pop-culture-bad-passwords\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/blog.mozilla.org\/en\/internet-culture\/deep-dives\/pop-culture-bad-passwords\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blog.mozilla.org\/wp-content\/blogs.dir\/278\/files\/2019\/11\/Breached-PW_header.png\",\"datePublished\":\"2019-11-14T00:00:00+00:00\",\"dateModified\":\"2021-02-03T02:43:11+00:00\",\"author\":{\"@id\":\"https:\/\/blog.mozilla.org\/en\/#\/schema\/person\/5c987afc4f606be73692d2acfdd1316c\"},\"description\":\"If you're using your favorite sport, sitcom or state as your passwords, 1) you're not alone, and 2) you need to change them.\",\"breadcrumb\":{\"@id\":\"https:\/\/blog.mozilla.org\/en\/internet-culture\/deep-dives\/pop-culture-bad-passwords\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.mozilla.org\/en\/internet-culture\/deep-dives\/pop-culture-bad-passwords\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.mozilla.org\/en\/internet-culture\/deep-dives\/pop-culture-bad-passwords\/#primaryimage\",\"url\":\"https:\/\/blog.mozilla.org\/wp-content\/blogs.dir\/278\/files\/2019\/11\/Breached-PW_header.png\",\"contentUrl\":\"https:\/\/blog.mozilla.org\/wp-content\/blogs.dir\/278\/files\/2019\/11\/Breached-PW_header.png\",\"width\":1093,\"height\":601},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.mozilla.org\/en\/internet-culture\/deep-dives\/pop-culture-bad-passwords\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.mozilla.org\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Here’s why pop culture and passwords don\u2019t mix\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.mozilla.org\/en\/#website\",\"url\":\"https:\/\/blog.mozilla.org\/en\/\",\"name\":\"The Mozilla Blog\",\"description\":\"News and Updates about Mozilla\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.mozilla.org\/en\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.mozilla.org\/en\/#\/schema\/person\/5c987afc4f606be73692d2acfdd1316c\",\"name\":\"M.J. Kelly\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.mozilla.org\/en\/#\/schema\/person\/image\/70718b02fa9f11d88288b937f1da2ac1\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d61ff6a9eb6dd324df20cb773e6c416e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d61ff6a9eb6dd324df20cb773e6c416e?s=96&d=mm&r=g\",\"caption\":\"M.J. Kelly\"},\"description\":\"Mozilla Communications\",\"url\":\"https:\/\/blog.mozilla.org\/en\/author\/mjkellymozilla-com\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Here's why pop culture and passwords don\u2019t mix","description":"If you're using your favorite sport, sitcom or state as your passwords, 1) you're not alone, and 2) you need to change them.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.mozilla.org\/en\/internet-culture\/deep-dives\/pop-culture-bad-passwords\/","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/blog.mozilla.org\/en\/internet-culture\/deep-dives\/pop-culture-bad-passwords\/","url":"https:\/\/blog.mozilla.org\/en\/internet-culture\/deep-dives\/pop-culture-bad-passwords\/","name":"Here's why pop culture and passwords don\u2019t mix","isPartOf":{"@id":"https:\/\/blog.mozilla.org\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.mozilla.org\/en\/internet-culture\/deep-dives\/pop-culture-bad-passwords\/#primaryimage"},"image":{"@id":"https:\/\/blog.mozilla.org\/en\/internet-culture\/deep-dives\/pop-culture-bad-passwords\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.mozilla.org\/wp-content\/blogs.dir\/278\/files\/2019\/11\/Breached-PW_header.png","datePublished":"2019-11-14T00:00:00+00:00","dateModified":"2021-02-03T02:43:11+00:00","author":{"@id":"https:\/\/blog.mozilla.org\/en\/#\/schema\/person\/5c987afc4f606be73692d2acfdd1316c"},"description":"If you're using your favorite sport, sitcom or state as your passwords, 1) you're not alone, and 2) you need to change them.","breadcrumb":{"@id":"https:\/\/blog.mozilla.org\/en\/internet-culture\/deep-dives\/pop-culture-bad-passwords\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.mozilla.org\/en\/internet-culture\/deep-dives\/pop-culture-bad-passwords\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.mozilla.org\/en\/internet-culture\/deep-dives\/pop-culture-bad-passwords\/#primaryimage","url":"https:\/\/blog.mozilla.org\/wp-content\/blogs.dir\/278\/files\/2019\/11\/Breached-PW_header.png","contentUrl":"https:\/\/blog.mozilla.org\/wp-content\/blogs.dir\/278\/files\/2019\/11\/Breached-PW_header.png","width":1093,"height":601},{"@type":"BreadcrumbList","@id":"https:\/\/blog.mozilla.org\/en\/internet-culture\/deep-dives\/pop-culture-bad-passwords\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.mozilla.org\/en\/"},{"@type":"ListItem","position":2,"name":"Here’s why pop culture and passwords don\u2019t mix"}]},{"@type":"WebSite","@id":"https:\/\/blog.mozilla.org\/en\/#website","url":"https:\/\/blog.mozilla.org\/en\/","name":"The Mozilla Blog","description":"News and Updates about Mozilla","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.mozilla.org\/en\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.mozilla.org\/en\/#\/schema\/person\/5c987afc4f606be73692d2acfdd1316c","name":"M.J. Kelly","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.mozilla.org\/en\/#\/schema\/person\/image\/70718b02fa9f11d88288b937f1da2ac1","url":"https:\/\/secure.gravatar.com\/avatar\/d61ff6a9eb6dd324df20cb773e6c416e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d61ff6a9eb6dd324df20cb773e6c416e?s=96&d=mm&r=g","caption":"M.J. Kelly"},"description":"Mozilla Communications","url":"https:\/\/blog.mozilla.org\/en\/author\/mjkellymozilla-com\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.mozilla.org\/en\/wp-json\/wp\/v2\/posts\/63022"}],"collection":[{"href":"https:\/\/blog.mozilla.org\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.mozilla.org\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/en\/wp-json\/wp\/v2\/users\/727"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/en\/wp-json\/wp\/v2\/comments?post=63022"}],"version-history":[{"count":0,"href":"https:\/\/blog.mozilla.org\/en\/wp-json\/wp\/v2\/posts\/63022\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/en\/wp-json\/wp\/v2\/media\/52402"}],"wp:attachment":[{"href":"https:\/\/blog.mozilla.org\/en\/wp-json\/wp\/v2\/media?parent=63022"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.mozilla.org\/en\/wp-json\/wp\/v2\/categories?post=63022"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.mozilla.org\/en\/wp-json\/wp\/v2\/tags?post=63022"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/blog.mozilla.org\/en\/wp-json\/wp\/v2\/coauthors?post=63022"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}