Funny tidbit. I spun up a DO box (luckily it wasn't too important) to do some tasks on.

I set the root password (over ssh) to something random but only 8 characters. I meant to change it to use only keys, of course, but the machine was compromised in under an hour!