Everyone — supposedly — knows about the need to use strong passwords.
But convincing consumers, and firms, to use stronger passwords remains a struggle. What, then, are the password policies of the leadings websites and e-commerce sites, and are they driving their users to change behaviour?
Steven Furnell is a senior member of the IEEE, and professor of cybersecurity at the University of Nottingham.
For the last 15 years, he has been tracking the password policies of across some of the most popular online services.
Do they, for example, still allow weak or easy to guess passwords?
And how easy do they make it for users to pick stronger passwords, or to use alternatives such as multi-factor authentication?
The answers have implications, not just for security online, but for the way we use passwords in business too.