acm-header
Sign In

Communications of the ACM

Home/News/Password Meters Could Increase Risk of Cyberattack/Full Text
ACM TechNews

Password Meters Could Increase Risk of Cyberattack

By University of Plymouth (U.K.)
December 20, 2019
Comments
View as: Print Mobile App Share:
Measuring relative security.

A study evaluating popular password meters found these tools offer "inconsistent and misleading" advice that could elevate the risk of cyberattack.

Credit: Getty Images

A study by the University of Plymouth in the U.K. evaluating 16 popular password meters found these tools offer "inconsistent and misleading" advice that could elevate the risk of cyberattack.

The study by Plymouth's Steve Furnell concentrated on dedicated password meter websites, but also assessed meters embedded in online services like Dropbox and Reddit, as well as those included as standard features on certain devices.

The analysis revealed varying advice; while some meters direct users toward more secure account passwords, others do not flag extremely insecure passwords.

Said Furnell, "Credible password meters can have a valuable role to play, but misleading meters work against the interest of security and can simply give further advantage to attackers."

From University of Plymouth (U.K.)
View Full Article

 

Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA

 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account