Dashlane’s first quarterly Personal Data Security Roundup was released today! The roundup takes a look at password policies of the top 100 e-commerce sites, and the results are staggering.
Most e-commerce sites, which often store their users’ personal info, including credit cards, have password policies that seem to be from a more naive era… perhaps one not riddled with account crackings and data breaches. Here’s an infographic of what the results of our study show:
Click on the infographic for full size version.
- 55% still accept notoriously weak passwords such as “123456” or “password”
- 51% make no attempt to block entry after 10 incorrect password entries (including Amazon, Dell, Best Buy, Macy’s and Williams-Sonoma)
- 64% have highly questionable password practices (receiving a negative total score in the roundup)
- 61% do not provide any advice on how to create a strong password during signup, and 93% do not provide an on-screen password strength assessment
- Only 10% scored above the threshold for good password policies (i.e. 45 points or more in the roundup)
- 8 sites, including Toys “R” Us, J.Crew and 1-800-Flowers.com, send passwords in plain text via email
Your password is barricade between you (and anyone else) and your account. They should be long (more than 8 characters) and complex (include a letter, number, a mix of upper and lower case letters, and/or symbols).
The easiest way to create and remember strong passwords is with a password manager, like Dashlane, which generates unique passwords for you, saves them to your account, and autofills them online. Your data is protected with world-class security and encryption, and is only accessible to you. Learn more and get it free at here.