- Fast food-related passwords remain common in more than 110,000 breaches
- Replacing letters with symbols no longer protects accounts from automated attacks
- The reuse of weak passwords continues to threaten the security of individuals and businesses.
Despite years of cybersecurity advice and pressure, many Internet users continue to rely on easy-to-remember passwords tied to popular foods.
A new report from McDonald’s found that common passwords such as “bigmac”, “happymeal” and “mcnuggets” appeared in more than 110,000 compromised accounts, according to data from Have I been pwned.
Variants using basic character substitutions appear just as frequently, indicating that familiarity continues to trump caution for many account holders.
Look on it
Substitutions no longer help
McDonald’s campaign, including posters and short videos, uses humor and recognition to reach a wide audience.
The message is simple: passwords related to popular food products are easy to guess and widely misused.
Replacing letters with symbols or numbers once added significant resistance to basic attacks, but this approach no longer protects against modern hacking methods.
Automated tools already take predictable substitutions into account and test them regularly during brute force attempts, because when a password begins with a common word, attackers need little effort to go through known variations.
The persistence of these habits shows that awareness campaigns have had limited impact outside technical circles.
Security vendors frequently recommend long passphrases, multi-factor authentication, and automated credential storage. Despite this advice, many users still view passwords as the only line of defense.
Even younger users, more familiar with modern security tools, often reuse weak passwords between services.
Companies face the same problem internally, where administrative accounts sometimes rely on simple credentials despite formal policies.
This disconnect explains why basic password hygiene remains a recurring problem decades after its emergence.
While this approach draws attention, it does not address the structural reasons why weak passwords persist, including convenience and resistance to change.
Public reminders can reduce the most obvious examples, but they rarely change behaviors without supporting tools.
This is a wake-up call for users who still think a weak password is enough. If users don’t know how to create a strong password, a password generator can create long, random identifiers that don’t rely on recognizable words.
Password managers can help users store these credentials securely without having to remember them.
In organizational environments, an enterprise password manager centralizes control, reduces reuse, and limits damage in the event of breaches.
Via The register
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
