GoDaddy and QuickBooks Have the Best Password Policies; Dropbox, Netflix Have Worst

GoDaddy, Stripe, and QuickBooks lead with the best password policies, according to the 2017 Password Power Rankings from Dashlane.

Dashlane found that that almost half (46%) of consumer sites, including Dropbox, Netflix, and Pandora, and 36% of enterprise sites, including DocuSign and Amazon Web Services, failed to implement the most basic password security requirements.

The most popular sites provide the least guidance when it comes to secure password policies. Of the 17 consumer sites that failed Dashlane’s tests, eight are entertainment/social media sites, and five are e-commerce. Most troubling? Researchers created passwords using nothing but the lowercase letter "a" on Amazon, Google, Instagram, LinkedIn, Venmo, and Dropbox, among others, it said.

GoDaddy emerged as the only consumer website with a perfect score, while enterprise sites Stripe and QuickBooks also garnered a perfect score of 5/5.

“We created the Password Power Rankings to make everyone aware that many sites they regularly use do not have policies in place to enforce secure password measures. It’s our job as users to be especially vigilant about our cybersecurity, and that starts with having strong and unique passwords for every account,” said Dashlane CEO Emmanuel Schalit. “However, companies are responsible for their users, and should guide them toward better password practices.”

To determine the ranking, Dashlane researchers examined sites against password security criteria, such as requiring eight or more-character passwords with a combination of letters, numbers, and symbols, and offering two-factor authentication. A site received a point for each test where it performed positively, for a maximum, and top score, of five. A score of 3/5 was deemed as passing and meeting the minimum threshold for good password security (complete methodology below).

CONSUMER RANKINGS:

5/5 Score (Best)_

GoDaddy

4/5 Score

Apple
Best Buy
The Home Depot
Microsoft/Live/Outlook
PayPal
Skype
Toys “R” Us
Tumblr

3/5 Score

Airbnb
Facebook
Google
Reddit
Slack
Snapchat
Staples
Target
Twitch
Wordpress
Yahoo

2/5 Score

Amazon
eBay
LinkedIn
Starbucks
Twitter
Venmo

1/5 Score

Dropbox
Evernote
Instagram
Macy’s
Pinterest
SoundCloud
Walmart

0/5 Score (Worst)

Netflix
Pandora
Spotify
Uber

ENTERPRISE RANKINGS

5/5 Score

Stripe
QuickBooks

4/5 Score

Basecamp
Salesforce

3/5 Score

GitHub
MailChimp
SendGrid

2/5 Score

DocuSign
MongoDB (mLab)

1/5 Score

Amazon Web Services
Freshbooks

http://blog.dashlane.com/dashlane-password-power-rankings-2017

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.

ON DEMAND: Apple Mac computer use is growing in the corporate space. Having the solutions and the knowledge base to respond to events that include Mac computers is just as important as their Windows counterparts.