728_header.jpg (23748 bytes)
 EB Blog 
 AB Blog 
EcommerceBytes-NewsFlash, Number 3281 - March 14, 2014 - ISSN 1539-5065    4 of 4

Amazon UK Knocked for Password Security Process

By David A. Utter
March 14, 2014

Email This Story to a Friend

After looking at password policies for top ecommerce sites in the US and France, password manager firm Dashlane took a peek at sites in the United Kingdom to evaluate their practices. Some big brand names like Amazon UK demonstrated some eyebrow-raising habits.

According to the company's UK edition of its Personal Data Security Roundup, Dashlane looked at what the firm considers important password security criteria. It found about two-thirds of the top 100 ecommerce sites in the UK, including brands like Amazon and Tesco, don't stop login attempts after ten incorrect password entries.

Failing to lock out such attempts could be problematic for an ecommerce site and its customers. Malicious hackers have long had access to tools that enable repetitive attacks, feeding one possible password after another to a site until such software finds a match.

Dashlane also expressed concern about 25 percent of these sites providing forgotten passwords in plaintext via email. If an unauthorized person has access to a customer's email and the process for getting back into an ecommerce site is a simple username/password login, that account becomes an easy target.

Although modern-day internet users should be well aware of the intrinsic dangers of using weak passwords, the average consumer may be content to use a simple easy to guess one. Unless a site's processes force them to make choices like including at least one number and one capital letter, or to make the password a minimum length, people will probably continue to gravitate toward less secure choices.

Ecommerce pros may wish to reconsider any existing practices they use that don't compel password choices that are at least a little varied and of a minimum length. Data security breaches will hurt consumer confidence; one needs look no further than the 2013 holiday season breach that affected Target, which is seeing a drop in customer visits since the incident.

Related Stories
Amazon's Advertising Platform Is Big Business - October 31, 2014

Amazon Uses Deals to Attract Early Holiday Shoppers - October 31, 2014

Repricer Warns Merchants, Don't Get Amazoned - October 29, 2014

Analyst Chides Amazon over Q3 Performance - October 24, 2014

Amazon Continues to Gear up for Holiday Shopping - October 21, 2014

About the author:

David A. Utter is a freelance writer based in Lexington, KY. He has covered technology topics from search to security to online business and has been quoted in places like ZDNet and BusinessWeek. He considers his appearance on NPR's "All Things Considered" with long-time host Robert Siegel a delightful highlight. Send your tips to media@davidautter.com and find him on Twitter @davidautter and on LinkedIn.

You may quote up to 50 words of any article on the condition that you attribute the article to EcommerceBytes.com and either link to the original article or to www.EcommerceBytes.com.
All other use is prohibited.

Email This Story to a Friend
Email this story to a friend.

4 of 4