Southwest Airlines recently aired a TV ad in their “Wanna Get Away” series that features some serious password blunders. In the ad a General is asked for his password so that they “can lock down the system” which he then reluctantly provides. The password, “ihatemyjob1”, is rather embarrassing and hilarity ensures. Lets watch…
https://www.ispot.tv/ad/AEjj/southwest-airlines-wanna-get-away-sale-sharing-your-password
Let us count the bad security practices used in this ad…
1. A Single point of failure. (The General)
2. He verbally shares his password for everyone to hear instead of typing it in himself.
3. The password is displayed without a mask.
4. The password is displayed in 100 point type on a 20 foot screen for everyone in the room to see.
5. Password does not use uppercase or special characters.
6. While the password uses a number it is appended to the end.
7. No 2 factor authentication.
8. Everyone who sees this ad thinks that while ‘ihatemyjob1’ may be an embarrassing password it is perfectly acceptable since a general uses it.
Let us count the good security practices in this ad
1. The password is longer than eight characters.
2. The password uses a number.
3. Everyone who watches this ad hopefully realizes that they use a similar password and quickly changes it to something better.
Lets face it, while slightly funny this ad will make no one stop and think about how secure their own password may or may not be. However, it might make some people think that ‘ihatemyjob1’ or something similar is perfectly ok to use.
Addendum: The general’s uniform in this ad is a disgrace. Although probably done on purpose so as to not offend any one service they have in fact offended all services.