
Misleading password meters could increase risk of data breach
A Password meter is an indicator of the strength of a password entered by a user on a website. In most cases, meters estimate the amount of tries necessary for your password to be guessed by an attacker by factoring in password length and complexity. A University of Plymouth study tested 16 of the most encountered password meters on the internet to test their effectiveness. Based on the results, here are a few tips on how to keep your passwords secure, regardless of an “approval” given by the password meter:Do not always trust the password meter
Just because a password meter says “strong password” does not mean it is. The meters can be helpful but are also extremely flawed, giving you a sense of false security. When deciding on a password, do not base it solely on the rating given by the website.Avoid using keyboard patterns
On many password meters, passwords such as “querty”, “abc123”, and “Password” sometimes cannot be detected as problematic. Common letter combinations, such as going down a row of the keyword or commonly used words, are easily guessed and not always flagged on the meters.