"Many Popular Websites Still Cling to Password Creation Policies From 1985"

According to a study conducted by researchers at the Georgia Institute of Technology, many popular websites still allow users to choose weak or even single-character passwords. The researchers used an automated account creation method to evaluate more than 20,000 websites across the Tranco top 1M, and the password creation policies users must adhere to. They discovered that 75 percent of websites permit passwords shorter than the recommended eight characters (with 12 percent allowing single-character passwords). They also found that most websites still follow the National Institute of Standards and Technology's (NIST) 2004 password policy guidelines, despite being updated in 2017. A sizable proportion of websites (16.7 percent) continue to follow NIST recommendations from 1985. This article continues to discuss key findings from the researchers' analysis of websites and password creation policies.

Help Net Security reports "Many Popular Websites Still Cling to Password Creation Policies From 1985"

Submitted by grigby1

Submitted by Gregory Rigby on