Do Password Strength Meters Actually Work?

Sunday, 14 July 2013

Do Password Strength Meters actually works?
Password strength meters are helpful in some cases, but are not always used effectively.
Consumers who frequently access websites are sometimes prompted by strength meters to improve their password security. A new study conducted by the University of California at Berkeley, Microsoft and the University of British Columbia indicated that these systems can be effective if they are established properly.

Serge Egelman, a research scientist at UC Berkeley, told ArsTechnica that people are more likely to enter passwords they have previously used when asked by strength meters to change their credentials. This is often the case for new accounts or ones that are not of great importance to consumers.

"Whereas we show that in a different context - when changing passwords for high-value accounts - then the meters actually do have an observable effect on behavior in that people do choose stronger passwords," Egelman told the news source. "And ironically that's the context where we're least likely to see real meters in real life."

Password strength meters are a good reminder that online security is necessary for anyone accessing important accounts through the Internet. Consumers who neglect such protection may experience major problems such as identity theft if hackers obtain this valuable information.

Rather than only generating strong passwords when reminded, people can use effective tools like a password manager to keep all of their accounts protected with complex and hard-to-crack passwords. These solutions constantly generate new credentials so users always have the latest safeguards for their websites.

Another great aspect of password managers is that they remove the burden from consumers who are constantly tasked with remembering a dozen or more unique credentials. Sometimes people decide to use the same passwords for all of their accounts because it is easy to do so, but this approach invites trouble if hackers know this particular phrase.


Password strength meters are helpful in some cases, but are not always used effectively.

No comments:

Post a Comment