If You’re a Wanted Cybercriminal, Maybe Don’t Make Your Cat’s Name Your Password

Basking in the glow of her owner’s affection.

Image courtesy of Renata Apanaviciene/Shutterstock

In 2012, Jeremy Hammond was arrested by the FBI for infiltrating security think tank Stratfor. As a main driver of Anonymous in Chicago, Hammond was tracked by authorities and eventually given up by informant Hector Xavier Monsegur, or Sabu. At the time, Hammond was the FBI’s most wanted cybercriminal.

It’s never been clear, though, how the FBI was able to search Hammond’s computer, because it was protected by strong encryption and Hammond had time to fully secure it before agents raided his home (assault rifles and all). But Ars Technica may have found a clue.

As the site points out, an Associated Press profile of Hammond states that his password was “Chewy 123.” With the hashing algorithms Hammond had protecting his data, it would have taken the FBI a long time to crack his password. Unless it was something that was easy to guess. And given that Chewy was the name of Hammond’s cat, it would have come up quickly in a systematic effort to access the computer. “My password was really weak,” Hammond told the AP.

Choosing strong passwords is really important. You already know that if you regularly read Slate or the countless other sites that have been talking about data security lately. But just to cement the idea, here’s a pro tip: If you’re the FBI’s most wanted cybercriminal, stay away from the pet-name passwords.