Sign In

Communications of the ACM

ACM TechNews

Password Meters Could Increase Risk of Cyberattack


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Measuring relative security.

A study evaluating popular password meters found these tools offer "inconsistent and misleading" advice that could elevate the risk of cyberattack.

Credit: Getty Images

A study by the University of Plymouth in the U.K. evaluating 16 popular password meters found these tools offer "inconsistent and misleading" advice that could elevate the risk of cyberattack.

The study by Plymouth's Steve Furnell concentrated on dedicated password meter websites, but also assessed meters embedded in online services like Dropbox and Reddit, as well as those included as standard features on certain devices.

The analysis revealed varying advice; while some meters direct users toward more secure account passwords, others do not flag extremely insecure passwords.

Said Furnell, "Credible password meters can have a valuable role to play, but misleading meters work against the interest of security and can simply give further advantage to attackers."

From University of Plymouth (U.K.)
View Full Article

 

Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account