These days, we're trusting more and more online retailers to protect our data. Many websites require you to make an account, even if you only plan to shop there once. Faced with the difficult task of making up a unique password for tens, maybe hundreds of sites, many of us fall back on the bad habit of using bad passwords. Unfortunately, a new study showed that 64% of online retailers don't seem to care whether their shoppers are making strong passwords or not.
Apple has the Best Password Policies
Dashlane, an online password management company, ranked the top 100 e-commerce websites (as determined by Internet Retailer’s 2013 Top 500 eGuide) according to 24 different criteria, such as whether a site accepted weak passwords like "123456" or "password." Retailers could earn a score ranging from -100 to 100, and the vast majority (64%) earned a negative store. The study found that 55% of retailers accepted very weak passwords. And 51% of sites made no attempt to block account access after 10 incorrect password entries — including Amazon, Dell, Best Buy, and Macy's.
Apple, Newegg, and Microsoft took the top spots in the study's ranking of the best online retailers in terms of password security, while MLB, Karmaloop, and Dick's Sporting Goods had the worst scores. However, only Apple earned a perfect score of 100.
"The danger with a weak password policy is that it leaves users’ personal data vulnerable," the study's press release read. "The weaker the password, the easier it is for hackers to break into an account. Therefore, sites with lenient password policies are leaving their users exposed to greater risk." See the infographic below for more of the study's findings. (You can click on the image to see a full-size version.)
Readers, how do you protect your information online? Do you have a mental list of 700 super-secure passwords? Or do you use "password" for everything and damn the consequences? Share your secrets (but not your passwords) in the comments below!