Nutella has a password suggestion for you, and it is bad
Yesterday (May 3rd) was world password day, a day of password advice and getting users to use services like password managers to make users data more protected. But Nutella had other ideas about what world password day is about and posted a guide for the best password you can use. Lets just say the internet was not impressed and called them out on suggesting that using the word “nutella” as your password is a good idea.
Today it's World Password Day: choose a word that's already in your heart. Like "Nutella", for example! #WorldPasswordDay #Nutella pic.twitter.com/Q9EERc6244
— Nutella (@NutellaGlobal) May 3, 2018
The image was posted on Twitter with the caption:
Today it’s World Password Day: choose a word that’s already in your heart. Like “Nutella”, for example! #WorldPasswordDay#Nutella
Telling people to use simple words like “Nutella” as your password is a bad idea and not secure or good advice at all. The best part is the tweet has lots of comments on it but Nutella has not responded publicly and it has been over a day now. Here are a few of the best responses showing why telling people to use easy to remember words is a bad idea.
You don't use a "word" in good passwords. Please don't give atrocious advice on a topic you're obviously not qualified to (given your fuckin' tweet)
— Published Author Az O'Grady (@adamjogrady) May 4, 2018
@troyhunt – we might see this number go up… Thanks, Nutella for giving out such bad password advice. pic.twitter.com/sJg826RnLi
— Patrick Bulteel (@PBulteel) May 4, 2018
Noooo, it's already in the most common password list people use! pic.twitter.com/6uA7IDVvj6
— Rebecca Deck (@ranger_cha) May 4, 2018
While we can understand why a social media poster would think this is a good idea to get attention on a day like world password day, it is just bad advice that should not be followed. If you are concerned about password security (and you should be) you can use a password manager like 1Password or even the built in Mac Keychain on iOS and macOS. You can also use haveibeenpwned.com to see if you have had your personal data released in the past by services that have had data breaches. Having good passwords is important, and more important is to use a different password on each service and site you use.