Best Reviews logo
Best Reviews may receive compensation for its content through paid collaborations. See how we sustain our work & review products.
How Popular Websites Fail to Guide Users in Creating Strong Passwords

How Popular Websites Fail to Guide Users in Creating Strong Passwords

By István F. István F. Verified by Adam B. Adam B. Last updated: July 14, 2024 (0)

If you’ve been following our password management blog then you already know to be wary of weak passwords and to keep an eye on the validity of websites that you visit to avoid phishing scams. And you’ve probably already read about the abundance of data breaches that overshadow the use of online accounts, but even with all this info already we are pretty sure that you don’t want to be left out of all the goodies that technology, websites, and the internet as a whole can provide.

The first piece of the account protection puzzle: you

We can only hope that these security breaches at least raise awareness about weak passwords and make you think twice about picking a password that tops the weakest password list each year. It all starts with the user, if they don’t care about good password hygiene, then the opportunity for hackers is clearer. Acceptable password hygiene implies a unique password for every account, but you pick the way that they are stored.

Despite the abundance of security breaches, the majority of online service providers don’t really care about password security, or, if they do, the necessary additional measures are hidden out of sight to keep the user’s login process hassle-free. Sadly, security and convenience don’t walk hand-in-hand, in other words it’s up to you to create a cryptographically secure password in the first place if you hope to be 100% certain of your account security. But that’s only the first piece of the puzzle…

Popular websites fail to encourage strong passwords

Password security expectations change on an almost yearly basis, mostly because of the high number of data leaks and the growing amount of password data that is available to hackers. But even so, major websites are slow to change their password policy, which was proven after testing the password policy of five major websites: Facebook, Gmail, Amazon, Reddit, and Twitter.

What we discovered is alarming. Even though “password” has topped the list of weakest passwords for years, it is still accepted by any site when used in conjunction with the service’s name, such as “gmailpassword”. Worse still, Reddit – which was hacked recently – deems “password” to be acceptable, although at least the tiny password meter displays a warning red color. However, Reddit is the only one of these sites that uses a password meter, the rest tested by us simply inform the user via a message displayed in red about how weak their chosen password is. Just a quick example: while “password” or “password123” is a no-no for Twitter, the website still considers Password123 to be acceptable. That password would take less than a minute to crack.

After all those major security breaches, you’d expect online services to put more effort into educating their users about password security, at least offering the option to enable two-factor authentication from the initial sign-up page. But no, in order to enable this security option – if it’s even available – you will need to dig deep into the settings and search for it yourself, which makes it a hard find. As a result, major websites still encourage weak security measures, which unfortunately exposes users and makes data breaches possible.

What can you do?

We know how inconvenient online security can be sometimes but if you really want to protect your online account, then implementing some form of protection is a must. The easiest way to increase online security is by using a VPN – to hide your online traffic from prying eyes – in addition to a password management service. The latter will generate cryptographically secure passwords for you and prompt you to store any login details as soon as it is enabled. Password managers will also make sure that you’re visiting a legitimate website, keep an eye on data breaches, and suggest a password change if needed.


Editor's choice
RoboForm logo
Editor's rating:
(4.5)
Effective security center
Passkey compatibility
Intuitive and organized interface
Affordable prices
Families
LastPass logo
Editor's rating:
(4)
Logical interface
Automated password categorization
Advanced mobile version
Various two-factor authentication options
Businesses
1Password logo
Editor's rating:
(4.5)
End-to-end encryption
Secure authentication method
Data breach alarms
One-time password support
Security features
Keeper logo
Editor's rating:
(4.5)
Robust security
Wide range of platform support
Affordable
Great customer support
Personal use
NordPass Personal logo
Editor's rating:
(4.5)
Strong security features
Effective password generator
Excellent free version
Attractive price
Password sharing
Dashlane logo
Editor's rating:
(4)
Password changer
Built-in VPN
Flawless data import
Thorough iOS/Android app
Local storage
Enpass logo
Editor's rating:
(4)
Packed with features
Free for desktop users
Offline password manager
End-to-end encryption
User Feedback

 Leave a reply

Your email address will not be published. Required fields are marked *


Latest Articles

Creating the Perfect Landing Page: A Beginner’s Guide
Even though we might not like it, first impressions are key. That’s why having a well-crafted landing page for your business is more than just having a pretty face on the web – it’s your ticket to ...
Read article
How To Master English Fluency: 10 Effective Tips and Tricks
When it comes to language learning, we often come across the word ‘fluency’. But what does it mean exactly? Simply put, fluency is the ability to articulate a message ...
Read article
4 Reasons To Choose CRM Software With AI
With the competition increasing, maintaining lasting customer relationships is more crucial than ever. Customer relationship management (CRM) systems have long been the backbone of most businesses’ effective interaction management, helping them streamline processes, improve satisfaction, and boost sales
Read article

Best Reviews

Best Reviews may receive compensation for its content through paid collaborations and/or affiliate links. Learn more about how we sustain our work and review products.

©2012-2024 Best Reviews, a clovio brand – All rights reserved
Privacy policy · Cookie policy · Terms of use · Partnerships · Contact us