Communications of the ACM

Home/News/Seventy-Five Percent of the World's Top Websites Allow.../Full Text

ACM TechNews

Seventy-Five Percent of the World's Top Websites Allow Bad Passwords

By New Scientist
June 24, 2022
Comments

View as: Print Mobile App Share:

The researchers remain uncertain about why so many popular websites still have subpar password policies.

Credit: Rafael Henrique/SOPA Images/LightRocket/Getty Images

Princeton University's Arvind Narayanan and colleagues found 75% of 120 top-ranked English-language websites permit weak passwords, while over half also allow 40 of the most common leaked and easily guessed passwords.

The researchers manually checked those 40 passwords on each site, choosing 20 from a randomized sampling of the 100,000 most frequently used passwords detected in data breaches, as well as the first 20 passwords guessed by a password cracker.

Just 15 sites blocked all 40 tested passwords, including Google, Adobe, Twitch, GitHub, and Grammarly.

Only 23 of the 120 sites provide strength meters that encourage users to create sufficiently strong passwords, while 54 sites still follow poorly rated password composition policies.

From New Scientist
View Full Article

No entries found

Seventy-Five Percent of the World's Top Websites Allow Bad Passwords

Why Are Lawyers Afraid of AI?

Achievement in Microarchitecture

Digitization Puts Many at a Disadvantage