Apple.com Gets Perfect Score in Safeguarding Your Password Says Study

Apple tops the best 100 e-commerce websites that protect customer passwords, according to an in-depth study conducted by a password manager company between January 17 and January 22.

Apple.com does more than just protect your password: It follows policies that break the cycle of poor passwords — such as “12345” or “password.” These policies enable a simple yet effective method of creating strong passwords and protecting customer accounts.

Dashlane, the password manager company that conducted the study, highlights four of them: requiring users to choose passwords at least eight characters long from a combination of letters, numbers, and symbols; blocking a user account after four unsuccessful login attempts; helping the user choose a strong password with on-screen advice; and finally, the presence of a visual password strength meter.
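The four policies listed above can be enforced server-side in a small amount of code. The following is an added example, not code from Dashlane or Apple; the blocklist contents, the function names and the `LoginGuard` class are assumptions made for illustration.

```python
import string

# Constructed sample blocklist; a real deployment would load a far larger one.
COMMON_PASSWORDS = {"12345", "123456", "password", "qwerty"}
MIN_LENGTH = 8         # minimum length named in the study's criteria
MAX_FAILED_LOGINS = 4  # block the account after four failed attempts


def password_advice(candidate):
    """Return on-screen advice strings; an empty list means the policy is met."""
    advice = []
    if candidate.lower() in COMMON_PASSWORDS:
        advice.append("This is a commonly used password; choose another.")
    if len(candidate) < MIN_LENGTH:
        advice.append(f"Use at least {MIN_LENGTH} characters.")
    if not any(c.isalpha() for c in candidate):
        advice.append("Add a letter.")
    if not any(c.isdigit() for c in candidate):
        advice.append("Add a number.")
    if not any(c in string.punctuation for c in candidate):
        advice.append("Add a symbol.")
    return advice


def strength_meter(candidate):
    """Score 0-4: one point per rule met, 0 if the password is blocklisted."""
    if candidate.lower() in COMMON_PASSWORDS:
        return 0
    return 4 - len(password_advice(candidate))


class LoginGuard:
    """Hypothetical in-memory lockout counter (production needs shared storage)."""

    def __init__(self, verify):
        self._verify = verify  # assumed callable(username, password) -> bool
        self._failures = {}

    def attempt(self, username, password):
        # Once locked, even the correct password is refused.
        if self._failures.get(username, 0) >= MAX_FAILED_LOGINS:
            return "locked"
        if self._verify(username, password):
            self._failures.pop(username, None)  # success resets the counter
            return "ok"
        self._failures[username] = self._failures.get(username, 0) + 1
        if self._failures[username] >= MAX_FAILED_LOGINS:
            return "locked"
        return "denied"
```

The same `password_advice` result drives both the signup advice text and the strength meter, so the two cannot disagree about what the policy requires.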

The company ranked e-retailers on the presence or absence of these four criteria and 20 others, such as whether the site sends the password via email in plaintext. Apple.com ranked no. 1 with a score of 100 out of 100 possible points.

Apple was followed by Microsoft and Chegg with a score of 65, while Newegg and Target ranked right behind them with 60 points. The worst e-retailer position went to MLB with a score of -75.

Key findings:
– 55% still accept notoriously weak passwords such as “123456” or “password”
– 51% make no attempt to block entry after 10 incorrect password entries (including Amazon, Dell, Best Buy, Macy’s and Williams-Sonoma)
– 64% have highly questionable password practices (receiving a negative total score in the roundup)
– 61% do not provide any advice on how to create a strong password during signup, and 93% do not provide an on-screen password strength assessment
– Only 10% scored above the threshold for good password policies (i.e. 45 points or more in the roundup)
– 8 sites, including Toys “R” Us, J.Crew and 1-800-Flowers.com, send passwords in plain text via email.

As Ars Technica points out, the study is very useful because it highlights the importance of password policies, but it has its shortcomings as well. Still, this is a good start. It will be interesting to see how the rankings change over time.
