Examining the password policies of 40 popular consumer and enterprise websites against five criteria, Dashline has published its latest Password Power Rankings for 2017, highlighting that almost 46% of consumer websites, including Dropbox, Netflix, and Pandora, and 36% of enterprise websites, including Amazon Web Services, have failed to implement the most basic password security requirements.
The study’s point-based ranking system is based on the following criteria: 8+ characters password requirement, alphanumeric passwords requirement, inclusion of a password strength assessment indicator, logins aren’t brute forceable, and 2-factor authentication support. Based on these points, Apple ID scored a 4/5 and earned a “Good” ranking.
“We created the Password Power Rankings to make everyone aware that many sites they regularly use do not have policies in place to enforce secure password measures. It’s our job as users to be especially vigilant about our cybersecurity, and that starts with having strong and unique passwords for every account,” said Dashlane CEO Emmanuel Schalit. “However, companies are responsible for their users, and should guide them toward better password practices.”
GoDaddy, Stripe, and QuickBooks scored a perfect 5, whereas at the very low end with a score of 0/5 were Netflix, Pandora, Spotify, Uber, and Amazon Web Services.
To view the detailed report, click here.