Web Watch has told you about how to make your online passwords harder for hackers to easily guess.
But apparently, people are still not paying attention. Yet again, we’ve hearing news reports of leaked hacked passwords list, and “password” and “123456” are still at the top of the list of passwords being used.
How bad is this? Maybe it all depends on which websites you’re using it on.
See, regardless of how good or bad your password is, the other half of the equation is whether the website you’re using it on is protective of this critical piece of information.
When you request a password reset, for example, does the website send it to you in plain text email, or does the site automatically reset the password to something unguessable, and makes you verify who you are before continuing?
A recent survey reviewed ONLINE RETAILERS’ PASSWORD POLICIES to see if they were in compliance with security best practices. For example, do they lock your account after a certain number of failed attempts? Or do they require a minimum length of password in order to make hacking it a bit harder?
THE FIVE BEST COMPANIES, who implemented the best password/account protection policies are:
- Apple (a perfect score of “100” on the survey, the only company to do so)
- Newegg (in 2nd place…. at “65”, if that gives you an idea of the spread between what Apple does vs what everyone else is doing)
THE TEN WORST COMPANIES at working to keep your password and accounts secure, according to the survey:
- Major League Baseball / MLB
- Dick’s Sporting Goods
- Toys R Us
- J. Crew
- American Girl
- Are you secure? You’d be surprised how little time it can take to hack your password
- More proof that you suck at choosing passwords
- Picking a good password is important. “Tigger” is not a good password.
- Your passwords still suck: a continuation of our conversation
- Are you a Showroomer? When retail stores fight back against the Internet, we all lose
- Your Password Sucks