GoDaddy and QuickBooks Have the Best Password Policies; Dropbox, Netflix Have Worst

August 9, 2017

GoDaddy, Stripe, and QuickBooks lead with the best password policies, according to the 2017 Password Power Rankings from Dashlane.

Dashlane found that that almost half (46%) of consumer sites, including Dropbox, Netflix, and Pandora, and 36% of enterprise sites, including DocuSign and Amazon Web Services, failed to implement the most basic password security requirements.

The most popular sites provide the least guidance when it comes to secure password policies. Of the 17 consumer sites that failed Dashlane’s tests, eight are entertainment/social media sites, and five are e-commerce. Most troubling? Researchers created passwords using nothing but the lowercase letter "a" on Amazon, Google, Instagram, LinkedIn, Venmo, and Dropbox, among others, it said.

GoDaddy emerged as the only consumer website with a perfect score, while enterprise sites Stripe and QuickBooks also garnered a perfect score of 5/5.

“We created the Password Power Rankings to make everyone aware that many sites they regularly use do not have policies in place to enforce secure password measures. It’s our job as users to be especially vigilant about our cybersecurity, and that starts with having strong and unique passwords for every account,” said Dashlane CEO Emmanuel Schalit. “However, companies are responsible for their users, and should guide them toward better password practices.”

To determine the ranking, Dashlane researchers examined sites against password security criteria, such as requiring eight or more-character passwords with a combination of letters, numbers, and symbols, and offering two-factor authentication. A site received a point for each test where it performed positively, for a maximum, and top score, of five. A score of 3/5 was deemed as passing and meeting the minimum threshold for good password security (complete methodology below).

CONSUMER RANKINGS:

5/5 Score (Best)_

GoDaddy

4/5 Score

Apple
Best Buy
The Home Depot
Microsoft/Live/Outlook
PayPal
Skype
Toys “R” Us
Tumblr

3/5 Score

Airbnb
Facebook
Google
Reddit
Slack
Snapchat
Staples
Target
Twitch
Wordpress
Yahoo

2/5 Score

Amazon
eBay
LinkedIn
Starbucks
Twitter
Venmo

1/5 Score

Dropbox
Evernote
Instagram
Macy’s
Pinterest
SoundCloud
Walmart

0/5 Score (Worst)

Netflix
Pandora
Spotify
Uber

ENTERPRISE RANKINGS

5/5 Score

Stripe
QuickBooks

4/5 Score

Basecamp
Salesforce

3/5 Score

GitHub
MailChimp
SendGrid

2/5 Score

DocuSign
MongoDB (mLab)

1/5 Score

Amazon Web Services
Freshbooks

http://blog.dashlane.com/dashlane-password-power-rankings-2017

Ransomware and the propulsion of the extortion economy has rapidly eclipsed into a national priority. Recently, we observed the catastrophic impact of a widescale ransomware attack impacting gas pipelines and raising national gas prices overnight.

Many of the security screening standards in use today were put in place decades ago. They addressed the threats at the time and employed the security screening equipment that was available.

Poll

Recruiting Diverse Candidates

View Results

Poll Archive

Products

Effective Security Management, 7th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

GoDaddy and QuickBooks Have the Best Password Policies; Dropbox, Netflix Have Worst

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.

GoDaddy and QuickBooks Have the Best Password Policies; Dropbox, Netflix Have Worst

Related Articles

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.