INFOGRAPHIC: The Illusion of Personal Data Security in E-Commerce



Dashlane’s first quarterly Personal Data Security Roundup was released recently. The roundup takes a look at password policies of the top 100 e-commerce sites, and the results are staggering.

Most e-commerce sites, which often store their users’ personal info, including credit cards, have password policies that seem to be from a more naive era… perhaps one not riddled with account cracking and data breaches. Here’s an infographic showing the results of their study. OUCH. Key findings:

  • 55% still accept notoriously weak passwords such as “123456” or “password”
  • 51% make no attempt to block entry after 10 incorrect password entries (including Amazon, Dell, Best Buy, Macy’s and Williams-Sonoma)
  • 64% have highly questionable password practices (receiving a negative total score in the roundup)
  • 61% do not provide any advice on how to create a strong password during signup, and 93% do not provide an on-screen password strength assessment
  • Only 10% scored above the threshold for good password policies (i.e. 45 points or more in the roundup)
  • 8 sites, including Toys “R” Us, J.Crew and 1-800-Flowers.com, send passwords in plain text via email

 

[Image: Dashlane infographic]

Since many of these sites do not enforce any kind of password standards, some security awareness training that teaches employees how to create a strong password is not a bad idea!



