Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
SOUPS
2010
ACM
2010
ACM
Where do security policies come from?
We examine the password policies of 75 different websites. Our goal is understand the enormous diversity of requirements: some will accept simple six-character passwords, while others impose rules of great complexity on their users. We compare different features of the sites to find which characteristics are correlated with stronger policies. Our results are surprising: greater security demands do not appear to be a factor. The size of the site, the number of users, the value of the assets protected and the frequency of attacks show no correlation with strength. In fact we find the reverse: some of the largest, most attacked sites with greatest assets allow relatively weak passwords. Instead, we find that those sites that accept advertising, purchase sponsored links and where the user has a choice show strong inverse correlation with strength. We conclude that the sites with the most restrictive password policies do not have greater security concerns, they are simply better insul...
Real-time TrafficGreater Security | Password Policies | Security Privacy | Simple Six-character Passwords | SOUPS 2010 |
Related Content
| Added | 16 Aug 2010 |
| Updated | 16 Aug 2010 |
| Type | Conference |
| Year | 2010 |
| Where | SOUPS |
| Authors | Dinei A. F. Florêncio, Cormac Herley |
Comments (0)
Researcher Info
|
