CNBC just made a huge mistake with its password security tool

Jim Henderson/Wikimedia
Supposedly, those who can’t do, teach, but when it comes to password protection, CNBC apparently can’t do either. In a massive security failure, a CNBC columnist attempted to drive a point home regarding password strength, but instead shared participants’ passwords with third-party marketers. So if you entered your password into CNBC’s supposedly protected tool, you may want to consider changing your codes.

It all started with a well-intentioned CNBC article in The Big Crunch, which included an interactive tool that would test the security of readers’ passwords. Once you entered your chosen string, the site determined how common your password was, how long and varied the characters involved were, and ultimately, how secure it was. The problem, however, was that no matter how secure your password may have been before you submitted it, CNBC then proceeded to share it (unbeknownst even to the company, it would seem).

The article (and faulty tool) has since been taken down in acknowledgement of the huge oversight in security practices. Adrienne Porter of Google initially pointed out that your password was sent through the CNBC site unencrypted, which means that anyone could’ve intercepted it at just about any point. And worse yet, while CNBC insisted that “no passwords are being stored,” that was a lie. In fact, your password was sent not only to a Google spreadsheet, but also to over 30 third parties including advertisers and analytics providers.

Needless to say, people were not pleased with these significant failures, and Twitter users were almost immediately up in arms. As independent security and privacy researcher Ashkan Soltani tweeted, “This is a story of exactly what *NOT* to do when trying to educate users about password security.”

Oh, and by the way, the tool was apparently also providing incorrect information as to the actual security of your password. But honestly, that’s probably the least of CNBC’s concerns at this point.


Slack is resetting user passwords in response to a 2015 data breach

In response to recently discovered information regarding a 2015 data breach, collaboration software company Slack will be resetting the passwords of some of its user accounts beginning July 18.

How to change your Gmail password whenever you want in just a few quick steps

Regularly updating your passwords is a good way to stay secure online, but each site and service has their own way of doing it. Here's a quick guide on how to change your Gmail password in a few short steps.

Use one of these password managers to help protect yourself online

The internet can be a scary place, especially if you don't have a proper password manager. This guide will show you the best password managers you can get right now, including both premium and free options.

Change your Outlook password quickly and easily by following these steps

Keeping your digital accounts locked up with strong, unique passwords is important, so learning how to change your Outlook password quickly and easily is one of the best ways to stay safe online.
Small Business

The 15 best tech jobs boast top salaries, high satisfaction, lots of openings

The bonanza of tech jobs just keeps coming. High-paying tech jobs abound at companies where people love to work. If you’re ready to make a change, this is a great time to look for something more fulfilling.   

Gmail's unsend email feature is one of its best. Here's how to use it

Everyone has sent a message they wish they could take back. How great would it be if you could undo that impulsive email? If you're a Gmail user, you can. Here's how to recall an email in Gmail.

Pegasus spyware can break into users’ cloud accounts and steal data

An Israeli software company has developed a tool with the ability to break into users' cloud-based accounts. The software has been advertised as being able to copy authentication keys and access cloud services like Google Drive or iCloud.

Here's how to download a YouTube video to watch offline later

Learning how to download YouTube videos is easier than you might think. There are tools you can use both online and offline. This step-by-step guide will instruct you on how to use them.

Need to rip audio from a video? Here's how to download music from YouTube

Ripping audio from YouTube has never been easier, but with so many tools on offer, which is the best? Our guide will teach you how to download music from YouTube with two different tools. Just proceed with caution.

If you work in an office, you should know how to recall an email in Outlook

If you're an outlook user who sent an angry email and really wish you hadn't, then you're in luck. There are ways to recall that email, but you'll have to act fast. Here's how to recall an email in outlook.

Need a free alternative to Adobe Illustrator? Here are our favorites

Photoshop and other commercial tools can be expensive, but drawing software doesn't need to be. The best free drawing software is just as powerful as some of the more expensive offerings.
Social Media

Relax, new Pinterest tools promote mental health for stressed searchers

Need a confidence boost after a Pinterest fail or stressful workday? Stress-related searches will soon link to mental health resources on Pinterest and exercises such as deep breathing and expressing gratitude.

Equifax agrees to pay $700 million settlement for its 2017 data breach

Equifax has agreed to pay up to $700 million as part of a settlement tied to its 2017 data breach. This settlement includes a restitution fund of up to $425 million for consumers affected by the 2017 data breach.

Are you one of the billions who have watched these super-popular YouTube videos?

Viral videos can quickly garner millions upon millions of views, but even they fall well behind the view counts on the most watched YouTube videos ever. Those have been watched billions of times.