"Popular Business Web Apps Fail to Implement Critical Password Requirements"
Specops Software published new research on cybersecurity vulnerabilities discovered in business web apps such as Shopify, Zendesk, Trello, and Stack Overflow. According to the new research, several popular business web applications have failed to implement critical password and authentication requirements in order to protect customers. Specops' study discovered insufficient password and authentication requirements that could expose customers to risk, such as allowing users to set weak and breached passwords, often with little or no strong authentication implemented. Mailchimp, on the other hand, proved to be the most secure service tested, blocking 98 percent of known breached passwords. Because of hackers, people are taught to secure their computers with antispyware, antivirus, and antimalware software but they are not taught about how persistent malicious actors could be with passwords. A compromised password can result in significant financial and personal harm. Despite the popularity of web services, these web applications have not taken the necessary precautions to reduce the risk of their customers becoming victims of cybercrime. Darren James, Head of Internal IT pointed out that they have increased the chances of this happening by failing to implement critical password and authentication requirements. For example, Shopify, one of the world's most popular e-commerce platforms, was discovered failing at preventing any compromised passwords. With only one password requirement, being at least five characters, 99.7 percent of the 1 billion known breached passwords were found to meet Shopify's password requirement. This article continues to discuss key findings from Specops' analysis of cybersecurity weaknesses in popular business web apps.