I would never use bigmac as a password, or happymeal.
It would be like using realtek 8019 or 8139 as a password...
McDonald's is not lovin' your bigmac, happymeal, and mcnuggets passwords
Change Your Password Day took place over the weekend, and in case you doubt the need to improve this most basic element of cybersecurity hygiene, even McDonald's – yes, the fast food chain – is urging people to get more creative when it comes to passwords. McDonald's Netherlands operations took the opportunity on Sunday to …
-
-
Monday 2nd February 2026 19:24 GMT Gene Cash
Because they have good food and you go there all the time? (Obviously I'm not talking about McDonald's)
It's easier at one of the local restaurants to sit at a table and order online than stand at the counter and order. You sit down, scan the QR for your table, and their ordering website is really well done and easy to use. I've been waiting for them to screw it up, but they actually implemented two of my suggestions for improvement.
Also keeps me from punching the fucktards that stand 20ft from the counter then insist they're in line when I step up.
-
-
-
Monday 2nd February 2026 21:11 GMT Neil Barnes
Re: Insanity
The vast majority of online activities have no need for a password. It's just that the people who run these bloody place can't bear the idea of anyone purchasing their product anonymously.
That said... I will not use any retailer, food or otherwise, who both maintain a physical retail space and require me to use a mobile phone to purchase things.
I know other people's tastes differ. These are mine.
-
Tuesday 3rd February 2026 08:43 GMT Bebu sa Ware
"the idea of anyone purchasing their product anonymously."
And then complain about the legions of the William Wagglestaffs, Bertie Woosters and fellow travellers purchasing their precious products.
Not that the Bard in his darkest moments would ever have deigned to dine at a McDonalds caravanserai.
When I must have such an account I spin off another gmail account with hopefully a unique or at least peculiar or whimsical name (like this one actually.)
The idea that no one really needs to know everything about anyone is an anathema to these clowns when in the final analysis both parties a far better off knowing as little as possible about each other - only enough to complete the transaction with the details retained for no more that the minimal time required.
-
Tuesday 3rd February 2026 16:34 GMT I ain't Spartacus
Re: "the idea of anyone purchasing their product anonymously."
I've got a new idea for a false name to use. Or I could possibly even use it as a password.... Came across it in a history podcast (David Crowther's excellent History of England). He's a property developer of dubious morals, who helped rebuild London after the great fire. Rejoicing in the name of If-Jesus-Christ-had-not-died-for-thee-thou-hadst-been-damned Barebone. Sometime spelled Barbon - and he seems to have gone by Nicholas, as his baptismal name was a teensy bit of a mouthful...
His father was Praise-God Barebone (whom the Barebones Parliament was named after).
-
-
-
-
Monday 2nd February 2026 20:13 GMT DrXym
On the flipside
The McDonalds apps insists on 2FA just so I can avail of some stupid hamburger deal. If there was any reason their app had to be protected for some niche reason (e.g maybe some people order through the app) they should protect that rather than the innocuous stuff, i.e. Sometimes security has to be proportionate to what it is protecting.
-
-
Monday 2nd February 2026 20:42 GMT MachDiamond
Re: On the flipside
"And when it comes to your wallet, I'd say that was worth protecting."
So maybe it's much safer to just pay cash when you are keen on poisoning yourself.
"Double/Double with grilled onions, light tomato and a large pink lemonade". No fries, but it would be great if you started selling cookies, Lynsee!
-
Tuesday 3rd February 2026 11:09 GMT DrXym
Re: On the flipside
I haven't entered any credit card details into my McDonalds app so my wallet is quite safe. Attempting to login to get a discount off a burger is not something that should require having to check email for a code to paste into the other window. Aside from anything else it means I'm wasting an extra minute at the kiosk for no benefit to McDonalds.
And if there was something of value in the app, e.g. Monopoly tokens, the simple answer is to surround that stuff with the 2FA.
-
-
Tuesday 3rd February 2026 19:12 GMT DrXym
Re: On the flipside
What data???? All there is in the McDonalds app is discount vouchers and occasionally promotions. I had to double check there and there is NO WAY to put any payment information in there. There is literally nothing of value to protect beyond the login email address and the most basic of information.
So the 2FA is just pointless, at least for retrieving the vouchers.
-
-
-
-
Tuesday 3rd February 2026 13:25 GMT Jou (Mxyzptlk)
Re: On the flipside
Why needing an McD app to purchase anyway! Just walk there with your online wallet or card, beep, done. Doesn't USA just switched to a new variant of that? No not apple, not paypal... Dmnt I don't have that name at hand since outside... I Germany your normal credit card from your bank is: hover, beep, done.
-
-
-
-
Tuesday 3rd February 2026 00:44 GMT Anonymous Coward
Re: Ho Hum
I expect something else may be afoot though ... for example "From May 1, 2026, advertisements for meat products [and] fossil fuel-related products will be banned on the streets of Amsterdam". When this happened for tobacco products some time ago, cigarette companies started advertising for brand name matches instead (eg. Pall Mall Allumettes). What you're seeing may not be ads for password hygiene at all but indirect reminders to 'enjoy' their (mystery) meaty products named 'bigmac', 'nugget', and the likes...
Also interesting about MickeyDs in the Netherlands was their genAI output "the most terrible time of the year" Christmas ad this past December, that they had to pull after 4 days (approx.) due to multifaceted public uproar. Wuz probably another way to remind people that they exist (no such thing as bad publicity apparently).
-
-
Monday 2nd February 2026 21:29 GMT PRR
Re: Ho Hum
> So McDonald's sudden interest in password security includes looking at the passwords.
So can you, or anybody. "Drawing on data from Have I Been Pwned, McDonald's said...."
It may be narcissistic to look for yourself in Have I Been Pwned, like Googling yourself, but it's not a security breech.
EDIT: ninjaed 3 minutes by Pickle Rick.
-
-
Monday 2nd February 2026 21:22 GMT PRR
Best password is no password?
Long ago, when dial-up was precious, the university made us log-in on the dial-up servers. Keep the non-matriculated riff-raff out. This was very important to them!
I was helping Floyd with another problem and asked him to connect.
Flink-flink he was in! I was logging into dialup a dozen times a day and I knew he could not type that fast.
He explained that when it prompted "PASSWORD?" he could just press ENTER and he was in.
When I tracked down who was in charge of the dial-ups he was like OMG WTF and thanked me profusely.
-
Tuesday 3rd February 2026 18:45 GMT MachDiamond
Re: Best password is no password?
"He explained that when it prompted "PASSWORD?" he could just press ENTER and he was in."
I like that being a default since so many things have passwords for no visible reason. If somebody steals my comp from home and now has physical access and lots of time, game over. I like that I can just leave the default in place and hit "return" to bypass the login. I do have startup passwords, some sensitive things are encrypted and a few things reside in hidden folders.
-
Wednesday 4th February 2026 04:27 GMT M.V. Lipvig
My password is
McPenguinBurgersExtraLettu¢eSpecialOrdersDon'tUpsetUs1
Before that it was
MayorM¢CheeseWithExtraKetchup2
Heh heh, no, neither is really my password because I don't have one. I haven't been to McPukeys in 30 years. I stopped eating there not long after the styrofoam clamshells went away.
Biting the hand that feeds IT
