Study finds that millions of users are at risk due to outdated password practices.

A new study conducted by researchers at Georgia Tech has revealed that the majority of the world’s most popular websites are putting tens of millions of users at risk by not meeting basic password security standards. The study utilized an automated tool to assess the password creation policies of websites and examined the Google Chrome User Experience Report (CrUX), which includes a database of 1 million websites and pages.

The researchers discovered significant deficiencies in password policies across a sample of 20,000 websites from the CrUX database. Key findings included inadequate password length requirements, no blocking of common passwords, outdated requirements, and an absence of length requirements.

The automated tool, developed by Assistant Professor Frank Li and Ph.D. student Suood Al Roomi from Georgia Tech’s School of Cybersecurity and Privacy, utilized machine learning to assess the consistency of length requirements, restrictions on characters, acceptance of spaces and special characters, and the implementation of password block lists. The researchers emphasized the importance of investigating the real-world adoption of security solutions and guidelines to understand whether security is improving in practice.

The study highlights the need for increased vigilance and adherence to contemporary security measures in the face of evolving cyber threats. In related news, NordPass has unveiled the most common passwords in 2023, indicating that outdated password practices still persist despite repeated warnings from cybersecurity experts.