CEO Of Niantic, Pokémon GO Developer, Used ‘nopass’ As Twitter Password

These stories never cease to impress. By now, you’d imagine that everyone and their dog should know how to set a secure password, and at the very least, everyone should know the implications of having one of your accounts hi-jacked. Well, it appears that this message never made it to Niantic’s CEO, John Hanke. Maybe he was too busy creating Pokémon GO?

If you happen to follow Hanke on Twitter, you may have noticed some downright bizarre tweets yesterday; all of which included the #OurMine hashtag. As it happens, it’s because his account was breached – and quite easily, at that. Hanke might as well not have had a password at all, as all that protected his account from the rest of us was a mere six-letter, plain English phrase: “nopass”. The irony should escape no one; having no password at all could be deemed more secure than this.

During the time the “attacker” (if you can call it that) had control of Hanke’s Twitter account, a number of links were posted to website Quora. It didn’t take long for those articles to disappear, however, and the same applies to the tweets themselves.

Services like LastPass make it easy to use strong passwords

As of the time of writing, neither Hanke nor Niantic have confirmed the breach, and in all honesty, neither might care enough to comment, since no real damage had been caused.

This debacle is yet another one of the countless reminders that shouldn’t even be needed that setting secure passwords is important. Even better? Use two-step authentication. If you have that, your password could technically be as weak as you want it (but make it strong anyway – seriously), because you’d need to have your smartphone in-hand in order to complete the login process. In fact, if any service you use offers two-step: use it.