Apple.com does more to protect your password, study of top 100 sites finds

Aurich Lawson / Thinkstock

Apple, Microsoft, Chegg, Newegg, and Target do the best job of safeguarding customer passwords, according to a comprehensive study of the top 100 e-commerce websites that also ranked Major League Baseball, Karmaloop, Dick’s Sporting Goods, Toys R Us, and Aeropostale as performing the worst.

Apple.com was the only site to receive a perfect score of 100, which was based on 24 criteria, such as whether the site accepts “123456” and other extremely weak passwords and whether it sends passwords in plaintext by e-mail. Microsoft and academic supplier Chegg tied for second place with 65, while Newegg and Target came in third with 60. By contrast, MLB received a score of -75, Karmaloop a -70, Dick’s Sporting Goods a -65, and Aeropostale and Toys R US each got a -60. Each site was awarded or deducted points based on each criterion, leading to a possible score from -100 and 100. The study was conducted by researchers from password manager Dashlane based on the password policies in effect on the top 100 e-commerce sites from January 17 through January 22.

An epidemic of poor passwords

Amazingly, 55 percent of the sites accepted weak passwords such as “123456” and “password,” while Toys R US, J.Crew, 1-800-Flowers.com, and five other sites sent passwords as plaintext in e-mails. Sixty-one of the sites provided no advice on how to create a strong password when creating an account, while only seven sites provided any type of on-screen meter to help assess the strength of a chosen password. Results from studies and previous website breaches show that a large percentage of people use the same password to secure multiple accounts.

Read 7 remaining paragraphs | Comments

via Ars Technica http://ift.tt/1aSr7QU

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s