These are the least secure online retail websites


By web gangsta | Published:

Web Watch has told you about how to make your online passwords harder for hackers to easily guess.

But apparently, people are still not paying attention.  Yet again, we’ve hearing news reports of leaked hacked passwords list, and “password” and “123456” are still at the top of the list of passwords being used.

How bad is this?  Maybe it all depends on which websites you’re using it on.

Passwords & Internet Addresses Journal For Dummies
Passwords & Internet Addresses Journal For Dummies

See, regardless of how good or bad your password is, the other half of the equation is whether the website you’re using it on is protective of this critical piece of information.

When you request a password reset, for example, does the website send it to you in plain text email, or does  the site automatically reset the password to something unguessable, and makes you verify who you are before continuing?

A recent survey reviewed ONLINE RETAILERS’ PASSWORD POLICIES to see if they were in compliance with security best practices.  For example, do they lock your account after a certain number of failed attempts?  Or do they require a minimum length of password in order to make hacking it a bit harder?

THE FIVE BEST COMPANIES, who implemented the best password/account protection policies are:

  1. Apple (a perfect score of “100” on the survey, the only company to do so)
  2. Newegg (in 2nd place…. at “65”, if that gives you an idea of the spread between what Apple does vs what everyone else is doing)
  3. Microsoft
  4. Chegg
  5. Target

THE TEN WORST COMPANIES at working to keep your password and accounts secure, according to the survey:

  1. Major League Baseball / MLB
  2. Karmaloop
  3. Dick’s Sporting Goods
  4. Toys R Us
  5. Aeropostale
  6. J. Crew
  7. Vitacost
  8. Nutrisystem
  9. American Girl
  10. 1-800-Flowers