{"id":380132,"date":"2017-08-11T01:08:42","date_gmt":"2017-08-10T17:08:42","guid":{"rendered":"https:\/\/www.macrumors.com\/2017\/08\/10\/apple-id-dashlanes-rankings\/"},"modified":"2017-08-11T01:08:42","modified_gmt":"2017-08-10T17:08:42","slug":"apple-id-website-receives-45-good-score-in-dashlanes-2017-password-power-rankings","status":"publish","type":"post","link":"https:\/\/people.utm.my\/asmawisham\/apple-id-website-receives-45-good-score-in-dashlanes-2017-password-power-rankings\/","title":{"rendered":"Apple ID Website Receives 4\/5 &#8216;Good&#8217; Score in Dashlane&#8217;s 2017 Password Power Rankings"},"content":{"rendered":"<p>Password management app Dashlane has enlisted a group of researchers to <a href=\"https:\/\/blog.dashlane.com\/dashlane-password-power-rankings-2017\/\">assess and rank the password policy and security<\/a> of 37 consumer and 11 enterprise websites. The study examined five password security criteria to result in a point-based ranking system, with points awarded for the following categories: requiring 8+ characters, needing alphanumeric passwords, including a password strength assessment indicator, passing brute force attack simulations, and supporting 2-factor authentication.<\/p>\n<p>Based on these data points, the <a href=\"https:\/\/appleid.apple.com\/#!&amp;page=signin\">Apple ID sign-in page<\/a> scored a 4\/5 and earned a &#8220;Good&#8221; ranking. Apple passed on all criteria except for the brute force attack test, where researchers said they were never presented with a security warning (&#8220;such as a CAPTCHA code or the account automatically locking&#8221;) after entering incorrect credentials 10 times in a row. Dashlane mentioned that the study was completed during the week of July 5 &#8211; July 14, 2017.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/cdn.macrumors.com\/article-new\/2017\/08\/apple-passwords-id-login.jpg\" alt=\"\" width=\"1060\" height=\"479\" class=\"aligncenter size-full wp-image-581267\"\/><\/p>\n<blockquote readability=\"12\">\n<p>&#8220;We created the Password Power Rankings to make everyone aware that many sites they regularly use do not have policies in place to enforce secure password measures. It&#8217;s our job as users to be especially vigilant about our cybersecurity, and that starts with having strong and unique passwords for every account,&#8221; said Dashlane CEO Emmanuel Schalit. &#8220;However, companies are responsible for their users, and should guide them toward better password practices.&#8221;<\/p>\n<\/blockquote>\n<p>Above Apple with perfect scores were GoDaddy, Stripe, and QuickBooks, but at the very low end with a score of 0\/5 were Netflix, Pandora, Spotify, Uber, and Amazon Web Services. Dashlane said that in total 46 percent of consumer sites have &#8220;dangerously lax&#8221; password policies, while 36 percent of enterprise websites face the same issue.<\/p>\n<p>The researchers said that some of the more troubling findings related to being able to create a password using nothing but the lowercase letter &#8220;a&#8221; on Amazon, Dropbox, Google, Instagram, LinkedIn, Netflix, Spotify, Uber, and Venmo. The Apple ID sign-in page was one of six sites that did not have a policy to prevent brute force attacks, also including Dropbox, Google, Twitter, Venmo, and Walmart.<\/p>\n<p>Visit Dashlane&#8217;s website <a href=\"https:\/\/blog.dashlane.com\/dashlane-password-power-rankings-2017\/\">here<\/a> for more information on the 2017 Password Power Rankings, including a few infographics. Dashlane has <a href=\"https:\/\/www.macrumors.com\/2014\/01\/24\/apple-password-management-score\/\">performed similar studies<\/a> of password security policies in years past.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Password management app Dashlane has enlisted a group of researchers to assess and rank the password policy and security of 37 consumer and 11 enterprise websites. The study examined five password security criteria to result in a point-based ranking system, with points awarded for the following categories: requiring 8+ characters, needing alphanumeric passwords, including a [&hellip;]<\/p>\n","protected":false},"author":5817,"featured_media":380133,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[25],"tags":[68,69,59,26],"class_list":["post-380132","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology","tag-apple","tag-macrumors","tag-media","tag-technology"],"_links":{"self":[{"href":"https:\/\/people.utm.my\/asmawisham\/wp-json\/wp\/v2\/posts\/380132","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/people.utm.my\/asmawisham\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/people.utm.my\/asmawisham\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/people.utm.my\/asmawisham\/wp-json\/wp\/v2\/users\/5817"}],"replies":[{"embeddable":true,"href":"https:\/\/people.utm.my\/asmawisham\/wp-json\/wp\/v2\/comments?post=380132"}],"version-history":[{"count":0,"href":"https:\/\/people.utm.my\/asmawisham\/wp-json\/wp\/v2\/posts\/380132\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/people.utm.my\/asmawisham\/wp-json\/wp\/v2\/media\/380133"}],"wp:attachment":[{"href":"https:\/\/people.utm.my\/asmawisham\/wp-json\/wp\/v2\/media?parent=380132"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/people.utm.my\/asmawisham\/wp-json\/wp\/v2\/categories?post=380132"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/people.utm.my\/asmawisham\/wp-json\/wp\/v2\/tags?post=380132"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}