LastPass by LogMeIn, a leader in password management, has revealed its ranking of the most and least secure UK online retailers ahead of the holiday shopping season. With Black Friday and Cyber Monday upon us, the analysis has revealed that retailers still have work to do to encourage strong password security and support two-factor authentication (2FA).

LastPass identified the top 10 UK retailers by 2017 e-commerce sales and scored them on their security offerings. Features considered in the scoring included password requirements (length, special characters, numbers), if sites featured a password meter, if sites supported 2FA, what personal information is required at account set-up and whether sites ran on secure HTTPS vs HTTP.

Nine out of the 10 top retailers still don’t support two-factor authentication, Amazon being the only site that did support it. 2FA provides an additional layer of security toward preventing unauthorised access to an account. Unfortunately, these results tie in with LastPass’ recent Global Password Security Report which found that 45% of businesses use multi-factor authentication and that retail organisations are lagging behind other industries in password practices and adoption of multi-factor authentication (MFA).

Despite passwords being a major cause of breaches, retailers aren’t promoting strong password practice. None of the top 10 retailers require special characters when creating a password and only 2/10 sites (Asda and Very) provide a password strength meter to indicate weak to strong passwords.

All retailers succeeding in site encryption: Every retailer tested runs on HTTPS, the secure version of HTTP. With all communications between users’ browsers and the website being encrypted, this is good news for shoppers entering personal information and card details.

The fear of forgetting: We know that fear of forgetting a password is the biggest reason people reuse passwords but most sites make it fairly easy to create a new password if you forget it. If a password is forgotten, all 10 sites send users a reset link or a one-time code, rather than sending the original password to the registered email, making it harder for an imposter to pose as a customer to gain access.

Sandor Palfy, CTO of Identity and Access Management at LogMeIn said: “Black Friday has fast become one of the biggest online shopping events of the year: £1.39 billion was spent in the UK on retail sites in 2017.

“With the wealth of personally identifiable information (PII) and sensitive data that online retailers process, all have a responsibility to ensure they take the necessary steps to protect their customers and educate them on best security practices.

“Weak or stolen credentials continue to play a major role in breaches, so it’s worrying that the most popular UK retailers have pretty lax password requirements when hundreds of thousands of shoppers will be flocking to these sites for a good deal on Black Friday. Consumers also have a responsibility to understand best security practices, so they can choose where to safely shop online.

“Customers should be encouraged to create a strong, unique login that is long and complex, containing a mixture of numbers, letters and special characters with the help of a password strength meter.”