The dark web has been popping up in the news more frequently lately, with the most significant report being the shutting down of AlphaBay and Hansa marketplaces. This week, news comes of more dark web criminals being brought down–this time due to a classic rookie move: reusing passwords across websites without enabling two-factor authentication. Doh!

At least 16 accounts on Dream Market, another darknet markeplace, were seized by Dutch Police by simply reusing previously captured credentials from earlier sweeps on other sites.

Moral of the story: Smart security calls for tough-to-crack passwords that change frequently, and two-factor authentication that requires two ways to prove one’s identity to access an account. Even for the bad guys.

Read the full story here.