By Paula Bostrom on Tue, 01/28/2014
I recently went through the horror of fraud on one of my credit cards. Thankfully, it was caught quickly, but it has been a pain to replace it and enter my new credit card number at all the e-retailers' sites where I routinely make purchases.
After reading a new report from Dashlane, a password manager company, I'm confident, out of all the e-retailers I use, my new credit card will be carefully guarded on Apple's site.
Dashlane recently released the first edition of its quarterly Personal Data Security Roundup. The company ranked the top 100 e-retailers' password policies and Apple received the highest rating and was the only retailer to receive a perfect score.
Dashlane's roundup examined 24 different criteria for passwords that were identified as important to online security, and awarded or docked points depending on if a site met the standards.
Their findings indicated that 55 percent of e-commerce sites still accept feeble passwords such as "123456" or "password." After 10 incorrect password entries by account holders, 51 percent make no attempts to block entry (including Amazon, Dell, and Best Buy). Sixty-one percent do not provide advice on how to create a strong password and 93 percent of sites do not provide an on-screen password strength assessment.
MLB.com, Karmaloop, and Dick's Sporting Goods received the three lowest scores, according to the Dashlane report. Amazon, Walmart, Victoria's Secret, and Toys "R" Us were also among the lowest ranked sites.
Dashlane recommended that e-commerce sites adopt simple policies such as requiring that passwords contain at least eight characters, with a combination of upper/lower-case letters, numbers and symbols. Other recommendations include blocking account access after four failed logins, providing users with on-screen advice on how to choose a strong password during sign-up, and using an on-screen assessment of password strength while they're choosing a password.
Dashlane says Apple implements all these policies and procedures, resulting in the company being awarded the only perfect score in the study.
Other retailers that attained top scores for password protection were Newegg, Microsoft, and Chegg (tying for second), and Target (we're talking its website and not recent problems with in-store purchases) received third place.