The ultimate password genius! (Not) [VIDEO]

KeysIf I wasn’t banging my head against a brick wall so hard, I might actually find this funny.

Consider this question.

"What's your favorite internet password?"

How would you feel if a website asked you totell it what your favorite password is?

Sign up to our free newsletter.
Security news, advice, and tips.

Richard Wang, one of the threat experts in SophosLabs, pointed me towards the UPSJobs website, where you can create a profile if you’re interested in investigating a career with the company.

As you can see in the video I made, it’s easy to create an account – but they don’t offer much help when it comes to choosing a sensible password to secure it.

[youtube=http://www.youtube.com/watch?v=cAy7ftogjtU&w=500&rel=0] (Enjoy this video? Check out more on the SophosLabs YouTube channel and subscribe if you like.)

The UPSJobs site actually encourages you not to use a unique password, but instead to use a password that other people might be able to guess (such as the name of your most loved pet or movie).

What really gob smacks me, however, is that they should prompt users to use their “favorite internet password”! That’s hardly a safe thing to encourage.

What's your favorite internet password? [Click for a larger version]

It actually gets worse. When I first created a profile on UPSJobs, and tried to use a half-decent password (one that contained extended characters such as exclamation marks, and dollar signs), the site wouldn’t accept it as my password.

Again, by refusing to accept a more complex password they were actively encouraging me to choose a simpler, easier-to-hack password.

On many occasions Naked Security has written about how to choose a strong password, but it shouldn’t be forgotten that websites can do more to assist security too and help prevent innocent users from making unsafe choices.

* Image source: canonsnapper’s Flickr photostream (Creative Commons)


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky, Mastodon, and Threads, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.