Stringent password can prevent fraud: Study
New Delhi, Oct 16 (ANI): According to a recent study, the practice of keeping same passwords for various platforms can cause more harm to the employers with many users and valuable assets protected by passwords, like in universities. "If someone uses their university email address and passphrase to sign up for, say, LinkedIn, and LinkedIn is breached by cybercriminals, that would mean their university password is sitting on the web for everyone to see," said Indiana University's Dan Calarco, co-author of the study. To investigate the impact of policy on password reuse, the study analysed password policies from 22 different US universities, including their home institution, IU. Next, they extracted sets of emails and passwords from two large data sets that were published online and contained over 1.3 billion email addresses and password combinations. Based on email addresses belonging to a university's domain, passwords were compiled and compared against a university's official password policy. The study found that stringent password rules significantly lower a university's risk of personal data breaches. The authors offer the following recommendations to safeguard passwords: Increase the minimum password length beyond 8 characters. Increase the maximum password length. Disallow the user's name or username inside passwords. Contemplate multi-factor authentication. Multi-factor authentication is becoming more common and usable.
