Super FAIL – Cable Provider Tells Customers To Change Passwords To Support Super Bowl Team

Following the news about security fail of highest proportions, Charter Spectrum, the second largest cable provider in the US has urged customers to change their wi-fi passwords in support of their favourite Super Bowl team.  It tweeted: “Change your WiFi password and show guests where your loyalty lies! #ThatsMyTeam”.  Cesare Garlati, Chief Security Strategist at the prpl Foundation commented below.

Cesare Garlati, Chief Security Strategist at the prpl Foundation:

Cesare Garlati

“By getting customers to change their passwords to either “GO_NEWENGLAND” or “GO_ATLANTA” it completely takes the guess work away from anyone who can easily force their way onto the customer’s  wi-fi network, which is the gateway to all of the connected devices in the home.  In short, it is nothing less than a horrible idea and points to the sheer lack of security education that the industry faces. Passwords should always be random and at least 16 characters for wi-fi in order to circumvent the “dictionary” approach hackers favour for brute forcing passwords. And if the company had meant to suggest users change the SSID – the discoverable part of the wi-fi network that people would see – that wouldn’t represent a security issue per se but would make connecting to residential Wi-Fi very difficult – if not impossible – in a neighbourhood with many fans of the same team.”