Full STory:Security experts are cautioning football fans against using team or player names in their passwords, particularly during the ongoing World Cup. Research by ExpressVPN reveals almost a quarter of fans incorporate such terms, rendering their accounts highly susceptible to dictionary attacks. Cybersecurity researcher Jeremiah Fowler demonstrated how easily hackers can crack football-related passwords containing terms such as "Messi" or "Liverpool" in mere milliseconds. This vulnerability is exacerbated by public social media activity and widespread data leaks, offering cybercriminals crucial hints. Fowler's discovery of a leaked Spanish club database underscores how easily fans become targets for phishing scams involving fake tickets or merchandise.
As the FIFA World Cup continues in the U.S., security experts are warning not to build your passwords around football terminology.
Research conducted by ExpressVPN has found that the use of club and player names or shirt numbers is common among football fans. Almost a quarter of the respondents to a survey of 6,000 football fans across six different countries admitted that they used football-related information in their passwords.
Passwords that contain proper nouns such as “Messi” or “Liverpool” are inherently weak, because they’re vulnerable to dictionary-based attacks where hackers use millions of different password combinations to crack passwords.
“If you look at a team like, let’s say, Manchester United, there’s 25 players,” said ExpressVPN’s cybersecurity researcher, Jeremiah Fowler. “Out of those 25 players, you might have five that are superstars. You could run a query on, let’s say, a thousand variants of their names including special characters, and you’d be able to crack 25,000 [passwords] in milliseconds.”
Using Football Passwords Is A Huge Own Goal
Passwords containing football player or club names can be cracked in milliseconds, warn security researchers.
www.forbes.com