Want to reduce fraud? Make a better password, dummy! – TechCrunch

Startups


Researchers at Indiana University have confirmed that stringent password policies – aside from being really annoying – actually work. The research, led by Ph.D. student Jacob Abbott, IU CIO Daniel Calarco, and professor L. Jean Camp. They published their findings in a paper entitled “Factors Influencing Password Reuse: A Case Study.”

“Our paper shows that passphrase requirements such as a 15-character minimum length deter the vast majority of IU users (99.98 percent) from reusing passwords or passphrases on other sites,” said Abbott. “Other universities with fewer password requirements had reuse rates potentially as high as 40 percent.”

To investigate the impact of policy on password reuse, the study analyzed password policies from 22 different U.S. universities, including their home institution, IU. Next, they extracted sets of emails and passwords from two large data sets that were published online and contained over 1.3 billion email addresses and password combinations. Based on email addresses belonging to a university’s domain, passwords were compiled and compared against a university’s official password policy.

The findings were clear: Stringent password rules significantly lower a university’s risk of personal data breaches.

In short, requiring longer passwords and creating a truly stringent password policy reduced fraud and password reuse by almost 99%. Further, the researchers found that preventing users from adding their name or username inside passwords it’s also pretty helpful. Ultimately, having a stringent password policy is far better than have none at all. It’s a no-brainer but it could be an important data point for your next tech project.



Source link

Products You May Like

Articles You May Like

Casio adds modern tech to the classic G-Shock watch – TechCrunch
TravelPerk grabs $44M to take its pain-free SaaS for business travel global – TechCrunch
iPhone XS vs. Pixel 3 camera shootout
Daivergent connects people on the autism spectrum with jobs in data management – TechCrunch
Google tweaks Android licensing terms in Europe to allow Google app unbundling — for a fee – TechCrunch

Leave a Reply

Your email address will not be published. Required fields are marked *