The password for the Louvre’s video surveillance system was “Louvre”

Published: 5 November 2025
Last updated: 10 November 2025
A laptop with the Louvre's photos on a desktop
Image by Cybernews.

The Louvre Museum in Paris was warned about serious security shortcomings as far back as 2014, which came to light in the aftermath of the “heist of the century.”

Last month’s jewelry heist at the Louvre museum sent shockwaves globally, proving that even the world’s most-visited museum is not immune to a robbery in broad daylight.

Musee du Louvre
A French Forensics Officer examines the cut window and balcony of a gallery at the Louvre Museum which was the scene of a robbery at the world famous museum earlier in the day on October 19, 2025 in Paris, France. France's Culture Minister, Rachida Dati, announced the closure of the world-famous art museum on X due to the robbery taking place just after the Louvre opened to the public. It is being reported that millions of pound with of historic jewellery belonging to Napoleon and Empress Josephine has been stolen (Photo by Kiran Ridley/Getty Images)
ADVERTISEMENT

In the wake of the heist, the country’s minister of culture, Rachida Dati, assured the Louvre’s security systems didn’t fail.

However, experts have been raising concerns about the museum’s security for more than a decade, according to a report by French newspaper Liberation that examined confidential documents.

For example, in 2014, the museum’s video surveillance server password was “LOUVRE,” while a software program provided by the company Thales was secured with a password “THALES.”

Eglė Kristopaityte justinasv Izabelė Pukėnaitė vilius Ernestas Naprys
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Follow us

Moreover, the National Cybersecurity Agency of France (ANSSI) discovered that the museum’s office network used obsolete systems, such as Windows 2000, which no longer guaranteed antivirus updates.

In 2017, a security audit report stated that the threat of an attack with potentially dramatic consequences could no longer be ignored.

It’s unclear whether the passwords remained unchanged during the time of the heist and whether other security shortcomings were addressed.

On October 19th, thieves disguised as construction workers stole eight pieces of the French Crown Jewels valued at approximately €88 million ($101 million).

ADVERTISEMENT
Thieves broke into Louvre and stole jewellry
On Sunday, 19 October 2025, at 09:30, thieves broke into the Louvre Museum in Paris and stole nine items of priceless jewellry. Four suspects entered the museum’s Galerie d'Apollon (Gallery of Apollo) using a mechanical ladder mounted on a vehicle. They cut through the display cases and fled with the culturally significant items, which date back to France's 19th-century royalty and are encrusted with thousands of diamonds and other precious gemstones. A crown once belonging to Empress Eugenie of France was recovered from the scene, seemingly dropped by the intruders. Eight other items remain missing.

Four suspects have been arrested since then. The Paris prosecutor has said the crime was carried out by petty criminals rather than organized crime professionals.

Louvre heist
An infographic titled "'Historic' seven-minute heist at the Louvre Museum" created in Ankara, Turkiye on October 20, 2025. (Photo by Murat Usubali/Anadolu via Getty Images)

Dale Meredith, a cybersecurity expert, wrote on the social network X that he isn’t surprised by the Louvre’s weak security practices.

“Clients swear ‘our systems are all updated,’ only for me to find some forgotten box running an outdated OS because it powers a niche app they didn’t want to update, couldn’t (vendor dropped support), or wouldn’t (too cheap to invest since it ‘just works’),” he wrote.

The password opened the floodgates of memes

Some internet users took the findings lightheartedly, cracking jokes and making memes.

“If you feel like you’re bad at your job and it’s making you depressed, just consider that, as the investigation of the recent heist revealed, the password to access the Louvre’s video surveillance system was Louvre’,” a X user, Philippe Lemoine, wrote.

ADVERTISEMENT

Another X user questioned why they are required to think of complicated passwords that include 10 characters, symbols, and numbers, while the museum protecting humanity’s most valuable assets can get away with “Louvre” as a password.

“What’s the keypad code to get into the gold vault at the Banque de France? 1234?,” they wrote.

“All the good passwords must’ve been stolen by the British Museum,” a Bluesky user wrote, referring to thousands of artifacts from other countries that are currently held in the most visited UK museum.

All the good passwords must’ve been stolen by the British Museum

[image or embed]

undefined Lawrence Culver (@lawrencecphd.bsky.social) November 3, 2025 at 9:50 PM

Other users seemed to be able to relate to using extremely weak passwords at work.

“Every desk job worker knows that there is only one secured password for an internal computer system: the name of the boss’s dog, who comes to the office sometimes,” a Bluesky user wrote.

Every desk job worker knows that there is only one secured password for an internal computer system: the name of the boss’s dog who comes to the office sometimes.

[image or embed]

undefined Moira Donegan (@moiradonegan.bsky.social) Nov 3, 2025 at 21:28

Social media users pointed out that the password “Louvre” may not be such a terrible idea, as most cannot spell the word.

“They were banking on everyone spelling it wrong,” another Bluesky user wrote.

ADVERTISEMENT

An X user shared what the Mona Lisa could have looked like after discovering the Louvre’s surveillance system password.

Experts say passwords should be changed frequently

Frédéric Rivain, a chief technology officer at Dashlane, a credential manager, says weak or reused passwords can open the doors to sophisticated threat actors or resourceful thieves.

He suggests that companies can strengthen their password security by utilizing passkeys, multi-factor authentication, or modern password management solutions.

Rivain says, “Unlike artifacts in a museum, passwords are replaceable. It’s on all of us to learn from these high-profile lessons to ensure that we aren’t next.”

Have thoughts about this topic? Others do, too. Join them in the discussion.

Clara Hawking, an AI governance specialist, wrote on LinkedIn that the Louvre’s situation is a perfect example of how sloppy people can get with digital security.

She advises changing passwords every three months, including those for home WiFi, because home devices like smart TVs, door cameras, and even refrigerators can be easily compromised through weak passwords.

ADVERTISEMENT

Hawking wrote, “Keep your work and personal passwords completely separate, especially if you use the same phone or computer for both.”

A couple in the Louvre heist Halloween costumes
A couple in the Louvre heist Halloween costumes walk through the London Underground on October 31, 2025 in London, England. Halloween is widely celebrated across the UK with revellers dressing up for the occasion. Consumer spending on Halloween is forecast to rise 3.2% this year to about £537m. (Photo by Jack Taylor/Getty Images)

The suspect is a TikTok star

The primary suspect, 39-year-old Abdoulaye N., who was arrested six days after the robbery, is a minor social media star, Le Parisien newspaper first reported.

Nicknamed “The Motocross Legend,” he shared videos on various social networks of himself performing acrobatic motocross stunts. Some videos were viewed nearly 700,000 times.

@doudou.cross.bitu #paris#ldc ♬ son original - DOUDOU CROSS BITUME AUBER 93

Interestingly, the suspect in the Louvre’s robbery used to spend a lot of time in museums.

According to media reports, he was previously a guard at the Centre Pompidou, a cultural center in Paris that hosts the National Museum of Modern Art and Contemporary Art.

Too much money on art, too little on security

ADVERTISEMENT

A report by the Court of Auditors published on Thursday states that the Louvre favoured operations that “were visible and attractive” at the expense of maintenance and renovation, especially in the fields of safety and security between 2018 and 2024.

As a result, the museum has accumulated “a considerable backlog” in bringing its technical infrastructure up to standard.

During the period, the museum spent €169 million on acquiring new artworks and redesigning exhibition spaces, compared to €87 million on maintenance and renovation.

The Louvre acquired 2,754 artworks over eight years; however, less than a quarter of them are currently on public display.

Louvre museum map
An infographic titled "Louvre Museum" created in Ankara, Turkiye on October 20, 2025. With an exhibition area of approximately 73,000 square meters, it is the largest museum in the world. (Photo by Murat Usubali/Anadolu via Getty Images)

The Louvre announces new security measures

The Louvre’s management announced a plan to ramp up the museum’s security on Friday, days after coming under fire for inadequate cybersecurity measures.

The plan includes the installation of additional surveillance cameras and anti-ramming devices, an increased number of patrols around the building, and the creation of the Cybersecurity Operations Center.

The museum has pledged to create a position of a security coordinator who will oversee the security measures, including those related to technical equipment.

Moreover, the Louvre plans to increase its training budget for museum staff by 20%.

FAQ about the Louvre’s surveillance system password “Louvre”

How do we know that the Louvre Museum used the password “Louvre” for its surveillance system?

Cybernews reporting is based on the investigation by a French newspaper, Liberation, which examined confidential documents dating back to 2014. Cybernews cannot independently verify these claims.

Was the password to Louvre’s surveillance system “Louvre” during the heist?

The passwords “LOUVRE” and “THALES” were flagged as weak and insecure by cybersecurity experts in 2014. It is unclear whether they remained unchanged in October 2025.

Did Louvre’s weak passwords help facilitate the heist?

The investigation into the robbery is ongoing, so there aren’t definitive answers to why thieves managed to steal jewels in broad daylight.

However, the Louvre’s director, Laurence des Cars, has previously said that the museum failed to spot thieves early enough due to the CCTV’s perimeter being “weak.”

She said the only camera monitoring the exterior wall of the museum, where thieves broke in, was pointing away from the first-floor balcony that led to the Gallery of Apollo, where the jewels were kept.

Unlock more exclusive Cybernews content on YouTube.

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT