Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AppDefects
Community Champion
‎01-27-2020 09:16 PM
‎01-27-2020 09:16 PM

Password Meters Inconsistent & Misleading!


A December 2019 study by University of Plymouth Professor Steve Furnell assessed the effectiveness of 16 password meters that people are likely to encounter online. While most meters effectively steer users towards more secure passwords, some will over-rate even the most commonly used ones that are found on top 10 "worst-passwords" lists. One positive finding was that a browser-generated password was consistently rated strong. There was no mention of password managers and the strength of the passwords they generate. The paper is behind a pay-wall. An overview is given here: https://www.sciencedaily.com/releases/2019/12/191219090745.htmA December 2019 study by University of Plymouth Professor Steve Furnell assessed the effectiveness of 16 password meters that people are likely to encounter online. While most meters effectively steer users towards more secure passwords, some will over-rate even the most commonly used ones that are found on top 10 "worst-passwords" lists. One positive finding was that a browser-generated password was consistently rated strong. There was no mention of password managers and the strength of the passwords they generate. The paper is behind a pay-wall. An overview is given here: https://www.sciencedaily.com/releases/2019/12/191219090745.htm

Reply
0 Kudos
3 Replies
Caute_cautim
Community Champion
‎01-28-2020 01:43 PM
‎01-28-2020 01:43 PM

Hi @AppDefects Another set of reasons for eliminating passwords and going FIDO instead.  Given that the shift to SD-WANs and Zero Trust Security is absolutely riddled with digital certificates.    Perhaps greater security awareness on the use of passwords, holding them in browsers is required throughout the whole of 2020?

 

Regards

 

Caute_cautim

Reply
0 Kudos
ericgeater
Community Champion
‎01-29-2020 09:30 AM
‎01-29-2020 09:30 AM

Is that a recommendation for browsers to retain / keep passwords?  I've always been skeptical of that.

-----------
A claim is as good as its veracity.
Reply
0 Kudos
Caute_cautim
Community Champion
‎01-29-2020 01:10 PM
‎01-29-2020 01:10 PM

Hi @ericgeater No, in answer to your question.   I did notice the latest Firefox has a password sync capability for convenience and some password managers also have the same capability to link between sites.   Great convenience for the public, and the speed of reaction we all want in terms of interaction.  

 

But this sacrifices both privacy and security for the sake of convenience.  However, these features are the very things that every user wants.   And are probably very willing to sacrifice with exceptions in the case of Firefox and a Master password.

 

Regards

 

Caute_cautim

Reply