ap7am logo
Logo Bar bseindia nse-india msn yahoo youtube facebook google thehindu bbc ndtv v6 ABN NTv Tv9 etv namasthetelangaana sakshi andhrajyothy eenadu ap7am bhakti espncricinfo wikipedia twitter

Is your e-mail password really strong enough?

Thu, Mar 26, 2015, 02:04 PM
Toronto, March 26,b 2015: Are you sure the password you created for your gmail or Facebook account strong enough?

Well, if you went by the green bar that indicated your password to be strong enough, then it may not be as fool-proof as you thought, warns new research slated to be published in the journal ACM Transactions on Information and System Security.

The new research from the Concordia University exposes the weakness of password strength meters, and shows consumers should remain sceptical when the bar turns green in order to create strong passwords.

"We found the outcomes to be highly inconsistent. What was strong on one site would be weak on another," said lead researcher professor Mohammad Mannan.

"These weaknesses and inconsistencies may confuse users in choosing a stronger password, and thus may weaken the purpose of these meters," he added.

Researchers sent millions of not-so-good passwords through meters used by several high-traffic web service providers, including Google, Yahoo!, Dropbox, Twitter and Skype.

They also tested some of the meters found in password managers, allegedly designed with the relevant expertise.

But on the other hand, our findings may help design better meters, and possibly make them an effective tool in the long run," said co-researcher Xavier de Carne de Carnavalet.

So what can companies do? Start by emulating Dropbox, the researchers recommend.

The popular file-sharing site had the most robust password strength meter, and the software is open-source.
Agency: IANS

Feedback Form

Your IP address: