- Passwords linked to fast food are still common in over 110,000 breaches
- Replacing letters with symbols no longer protects accounts from automated attacks
- Reuse of weak passwords continues to threaten both the security of the individual and the company
Despite years of cybersecurity advice and pressure, many Internet users continue to rely on easy-to-remember passwords related to popular foods.
A new report from McDonald’s has revealed common passwords like “bigmac”, “happymeal” and “mcnuggets” appeared on more than 110,000 compromised accounts, according to data from Have I been pwned.
Variations using basic character substitutions occur just as frequently, indicating that familiarity continues to outweigh caution for many account holders.
Look at
Substitutions no longer help
McDonald’s campaign, including posters and short videos, relies on humor and recognition to reach a wide audience.
The message is straightforward: passwords linked to popular food items are easy to guess and widely misused.
Replacing letters with symbols or numbers once added meaningful resistance to basic attacks, but this approach no longer protects against modern cracking methods.
Automated tools already account for predictable substitutions and routinely test them during brute-force tests, such that when a password begins with a common word, attackers need little effort to cycle through known variations.
The persistence of these habits shows that awareness campaigns have had limited effect outside of technically inclined circles.
Security providers often recommend long passphrases, multi-factor authentication, and automatic credential storage, but despite this guidance, many users continue to treat passwords as the only line of defense.
Even younger users who are more familiar with modern security tools often reuse weak passwords across services.
Companies encounter the same problem internally, where administrative accounts occasionally rely on simple credentials despite formal policies.
This disconnect explains why basic password hygiene remains a recurring problem decades after it first emerged.
While the approach attracts attention, it does not address the structural reasons why weak passwords persist, including convenience and resistance to change.
Public reminders can reduce the most obvious examples, but they rarely change behavior without supporting tools.
This is a wake-up call for users who still think a weak password is enough. If users don’t know how to create a strong password, a password generator can create long, random credentials that don’t depend on recognizable words.
Password managers can help users store these credentials securely without requiring them to remember each one.
In organizational environments, a business password manager centralizes control, reduces reuse and limits damage when breaches occur.
Via The register
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
