Click to Skip Ad
Closing in...

CNBC’s disastrous password security fail is a huge lesson for us all

Updated Dec 19th, 2018 9:15PM EST

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

CNBC

tried and disastrously failed to give regular Internet users a lesson about the importance of password security and password strength. While trying to explain how the FBI can brute-force an iPhone PIN by trying out all possible combinations, CNBC wanted to show you how fast your password could be cracked by using this relatively simple procedure (here’s an archived version of the article). To do it, you had to enter a password that you regularly use, and CNBC would tell you how safe it is. But here’s where the trouble started.

DON’T MISS: There’s an addictive new YouTube channel dedicated solely to melting stuff

First of all, CNBC asked you to send it your password over an unencrypted connection, which means that hackers snooping on your Wi-Fi traffic could intercept it and then try it on any online account you might have. Then, CNBC actually stored the passowrds in a free-to-read form using Google Docs. If that’s not enough, Motherboard also says CNBC shared your test password with all third parties it works with.

https://twitter.com/riking27/status/714869982614593536

First discovered by Google security engineer Adrienne Porter Felt,CNBC’s massive blunder became the joke of security experts on Twitter.

It goes without saying that if you read this particular article and gave it one of your passwords, you should change that password right now. Additionally, you should make sure you have unique and hard-to-guess passwords for each Internet service you use. Thirdly, you should consider changing your passwords every once in a while. Finally, using a password manager to keep track of all you passwords is also advisable.

If you’re looking for real tips on password strength, you could check out this hilarious comic from xkcd that teaches you everything you need to know about password strength, password length, and brute-forcing.

Chris Smith Senior Writer

Chris Smith has been covering consumer electronics ever since the iPhone revolutionized the industry in 2008. When he’s not writing about the most recent tech news for BGR, he brings his entertainment expertise to Marvel’s Cinematic Universe and other blockbuster franchises.

Outside of work, you’ll catch him streaming almost every new movie and TV show release as soon as it's available.