You would think that Amazon, Reddit, Wikipedia and other highly popular websites would by now tell you that “password1” or “hunter2” is a terrible password — just terrible. But they don’t. A research project that has kept tabs on the top sites and their password habits for the last 11 years shows that most provide only rudimentary password restrictions and do little to help users.
craigslist va , craigslist washington dc area , craigslist web page , dating ads like craigslist , dating classifieds like craigslist , ebay craigslist and other similar sites , ebay kijiji pets , for sale listings like craigslist , for sale sites like kijiji , free advertising sites like gumtree , free classified sites like craigslist , free classifieds like craigslist , free classified websites in india, free craigslist auto poster software , free listing sites like craigslist , free online classifieds like craigslist , free posting sites like craigslist , free stuff like craigslist , free stuff sites like craigslist , gay sites like craigslist , geebo classifieds , hookup personals like craigslist , hookup sites besides craigslist, how to create a website like craigslist , how to create craigslist like website, how to make a craigslist type website , how to make a website like craigslist , how to make a website like craigslist for free , how to place a free ad on craigslist , how to post ads on kijiji in different locations ,
Steven Furnell, of the University of Plymouth, first did a survey of websites’ password practices in 2007, repeating the process in 2011 and 2014 — and then once more this week. His conclusions?
craigslist be like , craigslist classifieds personals , craigslist classifieds search engine , craigslist competitor sites , craigslist ebay jobs , craigslist equivalent uk , craigslist forum list , craigslist like software , craigslist local classified , craigslist main website , craigslist options , craigslist or similar sites , craigslist personals alternative uk , craigslist related sites , craigslist related websites , craigslist rival , craigslist search free , craigslist shopping website , craigslist similar app , craigslist sites florida , craigslist sites list, craigslist sites pa , craigslist sites united states , craigslist style sites, craigslist style website , craigslist type , craigslist type app , craigslist type sites personals , craigslist type websites , craigslist usa states ,
It is somewhat disappointing to find that the overall story in 2018 remains largely similar to that of 2007. In the intervening years, much has been written about the failings of passwords and the ways in which we use them, yet little is done to encourage or oblige us to follow the right path.
best classified websites , best online classifieds , best sites like craigslist, better craigslist , better site than craigslist personals , better than craigslist ad , better than craigslist for cars , better than craigslist for selling, better than craigslist jobs , better than craigslist personals , buy and sell sites like kijiji , buy and sell websites like craigslist , buying sites like craigslist , car buying websites like craigslist , casual hookup site like craigslist , classified ad sites like craigslist , classified ads like craigslist, classified selling sites , classified sites like craigslist , classifieds like backpage , close5 vs craigslist , companies like craigslist , craigslist all sites, craigslist alternative app , craigslist alternative canada , craigslist alternative nyc , craigslist alternative uk , craigslist and offerup , craigslist and other similar sites , craigslist and similar sites ,
Although the university writeup notes that Google, Microsoft and Yahoo had the best password practices and Amazon, Reddit and Wikipedia had the worst, it diplomatically declined to go into specifics. Fortunately, I acquired the paper for myself and am prepared to name and shame.
adoos website , ad sites like craigslist ,advertising sites like craigslist,alternative craigslist adults service ,alternative kijiji ,alternative sites to gumtree ,alternatives to craigslist for housing ,alternative to craigslist adults service ,alternative to craigslist personals uk ,alternative to kijiji ,any other sites like backpage ,any other sites like craigslist ,any other sites like craigslist personals ,any other websites like craigslist ,any sites like craigslist ,any sites like craigslist personals ,apartment sites other than craigslist ,are there any other sites like craigslist ,are there any other sites like craigslist personals ,are there other sites like craigslist ,are there other websites like craigslist ,a site like craigslist ,australian craigslist equivalent,a website like craigslist ,backpage and similar sites ,back page free ads,backpage vs kijiji ,besides craigslist ,best alternative to craigslist ,best apps like craigslist ,best classified ads ,best classified sites in usa ,
The top 10 unique sites in English (as measured by Alexa; the lineup has changed somewhat over the years) were evaluated: Google, Facebook, Wikipedia, Reddit, Yahoo, Amazon, Twitter, Instagram, Microsoft Live and Netflix.
sell free ads , selling classified ads ,send free ads ,to give free advertisement,top classified sites ,top free classifieds ,top free classified sites ,to place a free ad ,to place free ads ,to post a free ad ,to post an ad ,to post free ads ,to post free ads online ,wanted free ads ,want to give free ad ,want to place free ad ,want to post ad ,want to post ads for free ,want to post free ads for rent ,where can i place a job advert for free ,where can i post my free ads,where to post an add for free ,where to post classifieds for free ,yellow free ads ,yellow free ads paper ,malaysia classifieds ,free online advertising malaysia ,adpost malaysia ,
The biggest failure is inarguably Amazon, which combines truly inadequate password controls with an incredibly valuable and personal service. Wikipedia and Reddit had fewer restrictions, but neither protects such important data; an Amazon account being accessed by malicious actors is a far greater danger.
post free ads in , post free ads in classifieds ,post free ads no account required ,post free ads online for real estate ,post free ads online free ,post free ads online on google ,post free ad to sell my car ,post free advertising sites ,post free adverts online ,post free buy sell classified ads ,post free classifieds in usa ,post free classifieds online ,post free classifieds without registration ,post free job classified ads ,post free listing ,post free real estate classified ads ,posting of free ads ,post it ads ,post job advert for free,post my add free ,post online advertising ,post this ad ,post your advertisement ,post your free classified ad ,publish free ads online ,put an ad online for free ,put free ads online ,quicker free add ,quikr free ad,search free ads ,
Amazon accepted practically every password Furnell threw at it, including repeats of the username, the user’s own name and, of course, the all-time classic, “password.” (Netflix and Reddit also took “password,” though Wikipedia didn’t. Wikipedia, on the other hand, accepted single-character passwords like “b.”)
Even sites that do have restrictions, like requiring multiple character types or rejecting commonly used passwords, seldom explain themselves. Presented with no feedback at the start, users creating an account may enter a password, only to be told it must be longer… and then, again, that it can’t have a certain word (like the user’s last name)… and then, again, that it must include special characters. And some sites have different requirements when you sign up than when you set a new one!
Why not lay it all out at the start? And for that matter, why not explain the reasoning behind it? It’d be trivial to make a little info box saying “We require X because Y.” But hardly any of the top sites do.
The one bit of light in this dreary report is that two-factor authentication — arguably more important than a good password — is in fact making strides, and some of the worst offenders in password policy (looking at you, Amazon) allow it. Now they just have to move it off of SMS and onto a secure authenticator app.
The final word is pretty the same as it’s been for the last decade:
The basic argument here – as with the earlier versions of the study and the others referenced – is for provision of user-facing security to be matched with accompanying support. Passwords are a good example because we know that many people are poor at using them. And yet the lesson continues to go unheeded and we continue to criticise the method and blame the users instead.
Two-factor is a start, but:
Users arguably require more encouragement – or indeed obligation – to use them. Otherwise, like passwords themselves, they will offer the potential for protection, while falling short of doing so in practice.
In other words, quit talking about how bad passwords are and do something about it!
|