Ad-free. Influence-free. Powered by consumers.
Skip to Main ContentThe payment for your account couldn't be processed or you've canceled your account with us.
Re-activateWhile the new movie about Facebook, "The Social Network," raises intriguing questions about the network's origins, what's more relevant to today's 500 million Facebook users are the continuing privacy and security risks documented by my colleague, Donna Tapellini.
To her list, add this: Nearly five months after we first documented Facebook's serious password weakness problem, the service still hasn't fixed them, thereby continuing to expose countless Facebook users to account theft or worse.
The last time we reported on this we knew of 30 common, six-letter words that Facebook classified as "weak," yet accepted as passwords when you entered them.
Make that number 40.
Why is this a problem? Letting users employ extremely weak passwords that even a novice cracker could guess is irresponsible security practice on Facebook's part. According to the 2010 Consumer Reports State of the Net survey, 9 percent of U.S. social network users experienced some form of abuse. One involved a criminal hijacking your Facebook account and asking all your online friends for money by pretending that you have been robbed in London.
By letting its users rely on extremely weak passwords, Facebook isn't doing what it should to help users avoid such scams.
Below are the 40 very weak passwords we've uncovered so far that you should never use on Facebook, even though Facebook lets you. For more advice on how to protect yourself on Facebook, see our 7 things to stop doing now on Facebook.
—Jeff Fox
Facebook's Naughty 40
—Jeffrey Fox
Build & Buy Car Buying Service
Save thousands off MSRP with upfront dealer pricing information and a transparent car buying experience.
Get Ratings on the go and compare
while you shop
