2 days Ago
World Password Day is May 1, 2025, but every day is password hacking day. The U.S.
sports team you support could make getting hacked even more likely, a new report has revealed. As if the password hackers need any help, what with infostealer malware publishing 1.7 billion stolen credentials on the dark web, automatic password hacking machines being a very real thing and people like the ToyMaker making a healthy living from selling such initial access resources to cybercriminals.
Here’s why being a New York Yankees fan sucks from the cybersecurity perspective. Weak passwords are the bane of my life as a cybersecurity analyst, although with my hacking hat on, I have to say I quite like them. With research revealing that even the advice for creating strong passwords using the three-random-word method is now useless, as law enforcement can crack 77% of them with the newly published technique, you really need to be aware of the insecurity of certain passwords you choose to use.
Yes, sports fans, I’m staring right at you with my best look of consternation. An analysis of 186 sports teams, ranked by how vulnerable the passwords that included their names were, has been compiled by the experts at GlobalDots. They used a total of 23 different password variations for each team and then compared them against how many times they appeared in the Have I Been Pwned data breach database.
The resulting report reveals the top ten weakest password links across the NFL, NBA, MLB and NHL, but let’s focus on the overall most hackable U.S. sports team passwords , shall we? As you will have already worked out, the New York Yankees are top of the password flops, with the report revealing that passwords associated with the team appeared in 198,870 password leaks.
The rest of the top ten is as follows: Dallas Cowboys (185,800 password leaks) Las Vegas Raiders (185,600 password leaks) Oklahoma City Thunder (174,400 password leaks) Orlando Magic (149,400 password leaks) Pittsburgh Steelers (146,300 password leaks) Texas Rangers (144,700 password leaks) New York Rangers (143,900 password leaks) Detroit Tigers (124,300 password leaks) Philadelphia Eagles (122,900 password leaks) The moral of this tale, if you must take support of your favorite sports team into your cybersecurity defense, at least be creative and use passwords that are harder to guess by those looking at hacking them. Maybe create a passphrase with the team involved, but one that’s not obvious. Or how about throwing a whole load of random characters and digits into the mix? A password manager will help you to make this approach usable and prevent any password reuse from bettering the equation.
Better yet, keep your love of sports to the sports field and just use long and random passwords, eh?.
