Sign In

Communications of the ACM

ACM TechNews

Outdated Password Practices are Widespread

View as: Print Mobile App Share:
Logging in.

Three out of four of the world’s most popular websites are failing to meet minimum requirement standards and allowing tens of millions of users to create weak passwords.

Credit: Georgia Tech Research

A majority of the world’s most popular websites are putting users and their data at risk by failing to meet minimum password requirement standards, according to researchers at the Georgia Institute of Technology (Georgia Tech).

The researchers analyzed 20,000 randomly sampled websites from the Google Chrome User Experience Report, a database of 1 million websites and pages.

Using a novel automated tool that can assess a website’s password creation policies, they found that many sites permit very short passwords, do not block common passwords, and use outdated requirements like complex characters.

Georgia Tech’s Frank Li said the security researchers have “identified and developed various solutions and best practices for improving Internet and Web security. It's crucial that we investigate whether those solutions or guidelines are actually adopted in practice to understand whether security is improving in reality."

From Georgia Tech Research
View Full Article


Abstracts Copyright © 2023 SmithBucklin, Washington, D.C., USA


No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account