Password Meters are exposing online users to Cyber Attacks


The next time you come across a password meter on your favorite website, you better beware of its inconsistent and misleading advice. A recent study made by a group of researchers from the University of Plymouth says that most of the password meters are exposing online users to Cyber Attacks. This includes those used on popular online platforms like DropBox and Reddit. 


According to a white paper published on Computer Fraud and Security, there is a clear variation in the advice offered across different websites that offer password meters to check the strength of a password generated by a user.


Though a small section of password meters are steering their users towards a secure login, some just let the users utilize most generic passwords such as ‘Iloveyou’ and QWERTY along with 1234567 and Abc12345.


Steve Furnell, the Professor of Information Security and Leader of the Security, Communication and Network Research operations at the University of Plymouth was the man who led the study which revealed the above stated startling facts.


Prof. Furnell feels that websites like Amazon and LinkedIn are doing their best in creating awareness among online users on generating and using safe as well as secure passwords. But this isn’t enough to educate the public in this festive season where online shopping and discount are bevies.


While one password meter marks a user-generated password as a potential risk, other service provider accepts it as a safe credential and allows the user to utilize that word. 


Steve and his team’s study tested over 16 passwords on various services and discovered that over 10 of the services identified the world’s most commonly used passwords as safe & secure- even though they were explicitly weak passwords.


Therefore, security experts suggest that online service providers should offer credible password meters which never mislead the online users giving advantage to hackers.


Note– Password meter is a service offered on various websites while generating a login credential by a new user. It helps a new user in securing his/her password safely and securely by urging them to generate a password that starts with a capital letter, is a mixture of alphanumeric characters and has a special character included in the password.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display