A new research indicates that over 70 percent of prominent exchanges permit users to be in possession of accounts with weak passwords. The researcher also reveals that this puts them in a difficult position with a higher risk of losing data to hackers as a result of a weak password trend. Password strength assessment tools have been offered by less than half of the surveyed trading platforms.
The dilemma of weak passwords
A new research reveals that certain top virtual currency exchange firms have permitted clients to utilize riskily weak password. User account password with fewer than 8 characters is permitted in about 43 percent of virtual exchange platforms. Moreover, the absence of alphanumeric passwords is allowed by 34 percent of virtual exchange firm, the study showcases. In numerous instances, testers could create accounts, password with a weak makeup of such as “12345” and “password”.
In addition to the above, as indicated in the annual Cryptocurrency exchange Password Power ranking, over 70 percent of the surveyed exchanges permit the setup of weak passwords. Moreover, by assessing the account security and password, the digital security company has tested 35 of the top virtual exchange platforms in the world.
The study also investigated, whether the virtual currency exchanges offer two-factor authentication (2FA), email confirmation or activation, and password strength assessment tools. Less than 50 percent of the exchanges offered account users with tools such as color-coded bars, the study also revealed. As concluded by the researchers, dangerous practices leave many clients accounts to compromise to cyber attacks such as financial embezzlement and hacking.
According to a quote by Emmanuel Schalit, Dashlane CEO, as reported by Newsbitcoin.com “the fact that many exchanges allow their users to create weak passwords should serve as a wake-up call to the entire industry”. He also sighted that signing for a virtual currency exchange is similar to opening up a bank account. Schalit argued, “with your bank account, credit cards, bitcoin and other digital assets potentially stored on the exchange, it is critical that your account is locked down on the security front.”
Critical: The Two-Factor Authentication
The virtual currency exchanges are according to points they receive from tests conducted on five critical password and account security criteria. Just 10 exchanges have held all five criteria namely, Bitmex, Robinhood, Coinbase, Cryptopia, ItBit, Paxful, Gemini, and Huobi.
In the past, the firm has tested and ranked leading consumer websites according to similar criteria. This is the first effort by the password manager to rank virtual currency exchanges in accordance with their password security procedures. This research was conducted within the period of March 12 – 19 of 2018.