A study hot off the press, conducted by password management firm Dashline, Inc., has discovered that the majority of the United States’ most popular eCommerce sites used on Thanksgiving and Christmas periods fail the most basic password security test.
The eCommerce Security Roundup report scrutinised the password security policies of 25 of the most popular online retailers in America on 22 benchmarks with each of the criterion being awarded a plus or minus point that saw a website to obtain a score between -100 and +100.
To meet Dashline’s minimum requirements, a score of +50 for good password practices was needed from the sites.
However, from the results gained in the study, it was revealed that an extraordinary 80% of the sites tested failed to meet the minimum secure password threshold.
72% of test sites involved in the research were found to not require a password with a capital letter and a number or symbol in it. It’s worth noting that this is a de facto password security basic in 2015. Furthermore, 56% of sites allowed users to have a password less than eight characters long, and three of the guilty parties were major brands; eBay, IKEA and Macy’s.
Just when you thought that was worrying enough, 32% of the sites included in the testing had such feeble password security that they allowed the ten most common passwords to be used, including:
Just to further cement the concern is that eCommerce sites guilty for this included Amazon, along with Walmart, the hypermarket giants, REI, the outdoor activities clothing retailers, and Wayfair, an online furniture company.
It’s not all cause for concern though. As Apple made Amazon, and eBay, among others, look very amateurish, after receiving a perfect score, making them the highest ranked site in the study.
For Apple to be rewarded this score at the same time as providing improved security for its customers, Apple accounts require complex, long, alphanumeric passwords. Its systems do not allow easily hackable passwords to make the cut either. Good work Apple!
Security should be at the forefront for eCommerce UK sites, and, as this study has shown, we can all be guilty of not being up to speed, but it’s vital that you ensure customers are protecting themselves online.