Top 10 Bottom 10 Common simple, passwords allowed Top e-retailers that allow login attempts after 10 incorrect passwords
E-retailer Score E-retailer Score Password % of retailers allow Amazon
Apple 100 MLB -75 password 58% Dell
Newegg 65 Karmaloop -70 123456 55% Best Buy
Microsoft 65 Dick's Sporting Good -65 12345678 57% Macy's
Chegg 65 Toys R Us -60 abc123 70% Williams-Sonoma
Target 60 Aeropostale -60 qwerty 58% HSN
Williams-Sonoma 55 J. Crew -55 monkey 59% LL Bean
CDW 50 Vitacost -50 letmein 59% Toys "R" Us
Amway 45 Nutrisystem -50 dragon 59% Overstock
Musician's Friend 45 American Girl -50 111111 55% Vistaprint
Nike 45 1-800 Flowers -46 baseball 62%    
Alphanumeric & mixed-case passwords required Worst minimum password
length
Password emailed in plain text
after a change or reset
Apple E-retailer Length Toys R Us
CDW 1-800 Flowers 1 J. Crew
Newegg Northern Tool 1 1-800 Flowers*
Target Build 2 Blue Nile*
Nike Fanatics 3 Dick's Sporting Good
Microsoft Urban Outfitters 3 Aeropostale
Ann Inc. Scholastic Inc. 3 MLB*
Bass Pro Outdoor Nutrisystem 3 Karmaloop*
Express CafePress 3 * Also send the login id
Chegg Victoria's Secret 4    
    Shutterfly 4    
    Fresh Direct 4    
    Vitacost 4    
    ShopNBC 4    
    Karmaloop 4