- Pro
- Security
McDonald’s campaign uses humorous ways to draw attention to poor password habits
When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.
(Image credit: Mike Mozart, Wikimedia Commons)
- Copy link
- X
- Threads
Sign up for breaking news, reviews, opinion, top tech deals, and more.
Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.You are now subscribed
Your newsletter sign-up was successful
An account already exists for this email address, please log in. Subscribe to our newsletter- Passwords tied to fast food remain common in over 110,000 breaches
- Substituting letters with symbols no longer protects accounts from automated attacks
- Reusing weak passwords continues to threaten both individual and enterprise security
Despite years of cybersecurity advice and pressure, many internet users continue to rely on easy-to-remember passwords related to popular foods.
A new report from McDonald’s has revealed common passwords such as “bigmac,” “happymeal,” and “mcnuggets” appeared in more than 110,000 compromised accounts, according to data from Have I Been Pwned.
Variations that use basic character substitutions appear just as frequently, indicating that familiarity continues to outweigh caution for many account holders.
You may like-
These are still the most popular passwords around - and surely, we can do better than this as a species
-
Can't think of a good password for every account? It's not your fault - you can also blame the websites themselves, a new study says
-
The world's most popular passwords are pretty unsurprising - surely we can do better?
Watch On
Substitutions no longer help
McDonald’s campaign, including posters and short videos, relies on humor and recognition to reach a broad audience.
The message is straightforward: passwords tied to popular food items are easy to guess and widely abused.
Replacing letters with symbols or numbers once added meaningful resistance against basic attacks, but this approach no longer protects against modern cracking methods.
Automated tools already account for predictable substitutions and routinely test them during brute-force attempts, as when a password begins with a common word, attackers need little effort to cycle through known variations.
Are you a pro? Subscribe to our newsletterContact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.The persistence of these habits shows that awareness campaigns have had limited impact outside technically inclined circles.
Security providers frequently recommend long passphrases, multi-factor authentication, and automated credential storage, but despite this guidance, many users continue to treat passwords as the sole line of defense.
Even younger users, who are more familiar with modern security tools, often reuse weak passwords across services.
You may like-
These are still the most popular passwords around - and surely, we can do better than this as a species
-
Can't think of a good password for every account? It's not your fault - you can also blame the websites themselves, a new study says
-
The world's most popular passwords are pretty unsurprising - surely we can do better?
Enterprises encounter the same issue internally, where administrative accounts occasionally rely on simple credentials despite formal policies.
This disconnect explains why basic password hygiene remains a recurring issue decades after it first surfaced.
While the approach draws attention, it does not address the structural reasons weak passwords persist, including convenience and resistance to change.
Public reminders may reduce the most obvious examples, but they rarely shift behavior without supporting tools.
This is a wake-up call for users who still think a weak password is enough. If users do not know how to create a strong password, a password generator can create long, random credentials that do not depend on recognizable words.
Password managers can help users store those credentials securely without requiring them to remember each one.
In organizational environments, a business password manager centralizes control, reduces reuse, and limits damage when breaches occur.
Via The Register
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
Efosa UdinmwenFreelance JournalistEfosa has been writing about technology for over 7 years, initially driven by curiosity but now fueled by a strong passion for the field. He holds both a Master's and a PhD in sciences, which provided him with a solid foundation in analytical thinking.
View MoreYou must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
Logout Read more
These are still the most popular passwords around - and surely, we can do better than this as a species
Can't think of a good password for every account? It's not your fault - you can also blame the websites themselves, a new study says
The world's most popular passwords are pretty unsurprising - surely we can do better?
This company analyzed 800 million breached passwords and found a surprising amount of festive themes - so maybe choose a better password, please?
Passwords are still a problem for UK businesses - what next?
Why our own clicks are often cybercrime's greatest allies
Latest in Security
More than 40,000 WordPress sites affected by new malware flaw - find out if you're affected
Linux users report Microsoft's Visual Studio Code Snap package isn't actually deleting files
Microsoft warns infostealer malware is 'rapidly expanding beyond traditional Windows-focused campaigns' and targeting Mac devices
Massive Chinese data breach allegedly spills 8.7 billion records - here's what we know
Coinbase reveals insider breach did take place, customer info compromised
Russian hackers are targeting a new Office 365 zero-day, so patch now or face attack
Latest in News
'A bet for the future of cybersecurity' – Nord Security hits 400 patents as race for solutions against next-gen threats heats up
'Companies that are not set up to quickly adopt AI workers will be at a huge disadvantage': OpenAI Sam Altman warns firms not to fall behind on AI - but notes 'it’s going to take a lot of work and some risk'
AMD CEO assures us that Steam Machine is on track to ship 'early this year'
A next-gen Xbox could be here in 2027, but Microsoft's in a rough spot
Exclusive: Disney+ just added We Call It Imagineering, with new episodes on the way
Alexa+ is now available for free to everyone in the US – but be cautious
LATEST ARTICLES- 1’What will people do in the year 2050, given the enormous intellectual power computers are likely to have?’: The man Google calls the spiritual father of AI asked big questions in 1991 — 35 years later, we’re still wrestling with the answers
- 2It's Bridgerton! It's Medieval Dynasty! No, it's The Sims 4 Royalty and Legacy, and I think it’s the best of both worlds
- 3Massive Chinese data breach allegedly spills 8.7 billion records - here's what we know
- 4More than 40,000 WordPress sites affected by new malware flaw - find out if you're affected
- 57 privacy tips for your Android device to avoid prying eyes
