Want to reduce fraud? Make a better password, dummy! – TechCrunch

Startups


Researchers at Indiana University have confirmed that stringent password policies – aside from being really annoying – actually work. The research, led by Ph.D. student Jacob Abbott, IU CIO Daniel Calarco, and professor L. Jean Camp. They published their findings in a paper entitled “Factors Influencing Password Reuse: A Case Study.”

“Our paper shows that passphrase requirements such as a 15-character minimum length deter the vast majority of IU users (99.98 percent) from reusing passwords or passphrases on other sites,” said Abbott. “Other universities with fewer password requirements had reuse rates potentially as high as 40 percent.”

To investigate the impact of policy on password reuse, the study analyzed password policies from 22 different U.S. universities, including their home institution, IU. Next, they extracted sets of emails and passwords from two large data sets that were published online and contained over 1.3 billion email addresses and password combinations. Based on email addresses belonging to a university’s domain, passwords were compiled and compared against a university’s official password policy.

The findings were clear: Stringent password rules significantly lower a university’s risk of personal data breaches.

In short, requiring longer passwords and creating a truly stringent password policy reduced fraud and password reuse by almost 99%. Further, the researchers found that preventing users from adding their name or username inside passwords it’s also pretty helpful. Ultimately, having a stringent password policy is far better than have none at all. It’s a no-brainer but it could be an important data point for your next tech project.



Source link

Products You May Like

Articles You May Like

From HQ2 to Trump, Amazon to face a lot of challenges in 2019 (The 3:59, Ep. 504)
Nexthink raises $85M to monitor and improve ’employee experience’ of apps – TechCrunch
AtScale lands $50 million investment led by Morgan Stanley – TechCrunch
Tigera raises $30M Series B for its Kubernetes security and compliance platform – TechCrunch
TNB Aura closes $22.7M fund to bring PE-style investing to Southeast Asia’s startups – TechCrunch

Leave a Reply

Your email address will not be published. Required fields are marked *