Why Do So Many Sites Have Bad Password Policies?

Researchers at Georgia Tech’s College of Computing found that 75% of the world’s most popular websites fail to meet minimum password security standards, leaving users at an increased risk for cyber attacks. The study, which used a new automated security assessment tool, also found that 12% of sites lacked password length requirements, while more than half accepted passwords of six characters or less. Only a few websites followed standard security guidelines, with most sticking to outdated rules from 2004.