Big ecommerce brands fail password security tests

By Dan Wilson March 6, 2014 - 6:23 pm

Dashlane, a password management system and digital wallet, has published some pretty interesting information about how different online shopping sites look after their user’s passwords. It actually makes for reasonably shocking reading.

They discovered that 66% of the sites they examined accept notoriously weak passwords such as “123456” or “password”. This puts users in danger as these are often the first passwords hackers use when trying to breach accounts.

And also 66% make no attempt to block entry after 10 incorrect password entries (including Amazon UK, Next, Tesco and New Look). This simple policy prevents hackers from using malicious software that can run thousands of passwords during log-ins to breach accounts.

60% do not provide any advice on how to create a strong password during signup, and only 14% display a password meter to help their users gauge the strength of their chosen password.

And this is a real bugbear of mine. 25%, including The Body Shop, Clarks and Superdrug, send passwords in plain text via email letting any hacker that has access to your email account sign in to your other accounts.

Now, of course, looking after our online safety is our own responsibility but it’s surprising how many big players aren’t helping us take basic precautions.

Comments are closed.

Recent Comments

16 hours ago
northumbrian: "The update, which makes the process especially streamlined and appealing for new sellers," Eh? its as...
17 hours ago
Vinnie: My Computer, My Screen, My Viewing Space. I should be able to decide what I look at and...
17 hours ago
james: of course adblockers are legal, you'd be hard pushed to win a case where you...
17 hours ago
SAM: The App is very disappointing on eBay. Last night the other half was searching for...