When Poor Password Hygiene Costs you Millions in the NFL Draft

Football fan or not, everyone has heard the most talked about story from last night’s NFL Draft. Former Ole Miss offensive tackle, Laremy Tunsil, was one of the highest-rated prospects in the draft– who at one point was considered a No. 1 overall pick–was picked No. 13 overall by the Miami Dolphins. The reason behind it…most likely something that could have been completely avoidable. Laremy Tunsil’s Twitter account (@kingtunsil78) was hacked and posted a less than flattering video. It can only be assumed that his account was hacked due to bad password habits.

As a result of creating multiple online accounts and in turn creating multiple logins and passwords associated with them, we fall prey to a number of poor password habits:

1. Creating simple, easy to remember passwords
2. Re-using these simple password for all our accounts
3. Keeping passwords in an unsecured spreadsheet

Laremy is not alone. We’re all guilty of this in some way or another. He’s also a victim to an inherently flawed system. As more and more sites beef up their security practices, requiring more complicated, secure passwords, it has become humanly IMPOSSIBLE to remember all your passwords and lead a secure digital life. It’s understandable, but it doesn’t help the fact that it could have been prevented.

Follow these steps to avoid being an easy target and make your social media accounts as secure as possible:

1. Create a strong password
As a first line of defense from hackers, users should always be protecting themsleves by using long, uniquely generated passwords. By creating a strong, unique password, you’re ensuring that passwords leaked in data breaches can’t be used to try hacking into other accounts. Strong passwords look like #IP9PqjS%17pEbUOkMVv and do not use words you would find in a dictionary or your personal information (like your birthday or pet’s names).

2. Use a password manager to keep track of your accounts
If that strong password looks too hard to remember, using a password manager like LastPass to create and store long, strong passwords for every online account, including your social media accounts, can make your life a whole lot easier. Password managers generate unique passwords and store them into a secure, easy-to-use vault. LastPass can also automatically fill in login pages with your credentials, making it easy to use unique passwords.

3. Add another authentication step
Two-factor (or multifactor) authentication is one of the most straightforward and secure forms of safety measures currently available. Over the last year, we’ve seen an increase in user-friendly, portable options—including the new LastPass Authenticator — that general consumers can take advantage of. Two-factor authentication is a feature that asks you for more than just your username and password when you log in. You have to provide a second piece of information – whether it’s a code, or a temporary password, or the swipe of a finger – before the account can be accessed. Remember, two layers of security are always better than one!

Protecting your online accounts should be an ongoing priority, so make sure you know how to protect yourself. In the event that you are hacked, hopefully, it doesn’t cost you like it did Laremy Tunsil. If that isn’t a good reason to change your password habits, what is?


  • Piter432 says:

    LastPass Authenticator looks nice, but I think it will be much, much better if you will release it as extension for Firefox and Chrome :)

  • Jim Phillips says:

    If the second device that generates the Two-factor authentication is the device you are using (ie. my cell phone) how is this more secure? I can see if you are on your tablet or computer and you obtain the Two-factor authentication key/code from your cell phone then you would need both devices making it more difficult to hack. I tried Google Authenticator this way and found it not much use and more difficult/time consuming to use. I just use LastPass by itself on my phone.