Passwords in the wild, part II: failures in the market
This is the second part in a series on password implementations at real websites, based on my paper at WEIS 2010 with Sören Preibusch. As we discussed yesterday, dubious practices abound within real sites’ password implementations. Password insecurity isn’t only due to random implementation mistakes, though. When we scored sites’ passwords implementations on a 10-point … Continue reading Passwords in the wild, part II: failures in the market