Big ecommerce brands fail password security tests

By Dan Wilson March 6, 2014 - 6:23 pm

Dashlane, a password management system and digital wallet, has published some pretty interesting information about how different online shopping sites look after their user’s passwords. It actually makes for reasonably shocking reading.

They discovered that 66% of the sites they examined accept notoriously weak passwords such as “123456” or “password”. This puts users in danger as these are often the first passwords hackers use when trying to breach accounts.

And also 66% make no attempt to block entry after 10 incorrect password entries (including Amazon UK, Next, Tesco and New Look). This simple policy prevents hackers from using malicious software that can run thousands of passwords during log-ins to breach accounts.

60% do not provide any advice on how to create a strong password during signup, and only 14% display a password meter to help their users gauge the strength of their chosen password.

And this is a real bugbear of mine. 25%, including The Body Shop, Clarks and Superdrug, send passwords in plain text via email letting any hacker that has access to your email account sign in to your other accounts.

Now, of course, looking after our online safety is our own responsibility but it’s surprising how many big players aren’t helping us take basic precautions.

Comments are closed.

Recent Comments

1 hour ago
northumbrian: sorry this guy needs to be on his game not given a chance lots of ...
12 hours ago
Alan Paterson: He has only been with ebay a few months. Lets give the guy a chance...
14 hours ago
ifellow: Been saying that for 10 years. Rate rise wont affect inflation, because its not too...
21 hours ago
Alan Paterson: Yes, but it is a percentage. 99.4% is still OK. Remember they have sold over...
21 hours ago
Alan Paterson: @James above. Complete non-sense. Our business is doing just fine and we follow ebay rules....