Website security takes many forms. Depending on the nature
of the content available, security levels vary from simple customer
identification processes to complex ID authentication
procedures that dig deep into the customer’s background. But regardless of the
extent of the website’s security measures, if the customer is expected to
return to the website and take advantage of personalized, exclusive or paid-for
content, they will likely be expected to select a password.

An extensive and insightful article by WhiteHat Security
founder Jeremiah Grossman considers the importance of consumer passwords. Grossman comments
that ideally, a website should balance necessary security with an
acceptable consumer experience. He explains the different aspects of password
policy, and relates its significance in protecting against cybercrime and its
effect on the consumer, drawing on several different studies of consumer passwords
from various popular websites.

Grossman’s article goes on to suggest several methods being
used by websites to encourage more hacker-proof password choices by consumers. Finally,
he suggests an absolute minimum set of requirements for creating and
maintaining passwords so that an effective password policy can be upheld
without sacrificing the user experience. The policy suggested may not be
universal, but considering Grossman’s extensive experience
in the cyber security industry, the article is definitely worth reading.