In a comprehensive study of the password security policies of 100 e-commerce websites, Apple was the only site to receive a perfect score of 100.

Conducted by password-management company Dashlane (via Ars Technica), the Personal Data Security in E-Commerce Security Roundup [PDF] examined the password policies at various sites using 24 different criteria like acceptance of weak passwords and whether or not entry is blocked after failed attempts.

passwordscores

The roundup assesses the password policies of the top 100 e-commerce sites in the US by examining 24 different password criteria that Dashlane has identified as important to online security, and awarding or docking points depending upon whether a site meets a criterion or not. Each criterion is given a +/- point value, leading to a possible total score between –100 and 100 for each site.

While Apple was the only company to earn a score of 100, other companies, like Microsoft, Newegg, and Target also received high scores while Major League Baseball, Toys R Us and Aeropostale received some of the lowest scores.

The study revealed that 55 percent of online retailers accepted weak passwords like "password" or "123456" and 51 percent made no attempt to block entry after 10 incorrect password entries. 61 percent did not provide advice on how to create a strong password, and 93 percent did not provide an on-screen password strength assessement.

Apple, however, met and exceeded all criteria as the company has notoriously stringent password rules to encourage its users to create strong passwords.

Some retailers may argue that such requirements impede user convenience, but companies such as Apple, arguably the most famous brand on the list, have shown that it is possible to be both secure and successful. In every category we tested, Apple implemented the 4 simple policies and procedures we recommend above. These policies resulted in the company being awarded the only perfect score in the study.

When a new Apple ID account is created, users must have a password with at least eight characters, one lower case letter, one capital letter, and one number. The password cannot contain multiple identical consecutive characters, it can't be a common password, and it can't be the same as the account name.

Apple will also rate passwords as weak, moderate, or strong and it asks users to create security questions as well. When logging in with an Apple ID, three attempts at entering the wrong password will prompt a password reset via security questions or email authentication.

As noted by Ars Technica, while the study looks at several aspects of password management, it does avoid some important criteria such as whether sites allow password entry through unencrypted HTTP password connections or allow resets via security questions.

Top Rated Comments

UnfetteredMind Avatar
148 months ago
C'mon Dicks ... get it up!
Score: 9 Votes (Like | Disagree)
keysofanxiety Avatar
148 months ago
But ... but ... on my Android phone I don't have to type in passwords! I just have to use 'sIris' to recognise my eye and reveal my debit card details. Admittedly, there are a few flaws ... such as it thinking my eye colour was blue when they're actually brown. And I did manage to unlock my phone by pointing the camera towards a Mr. Potato Head.

But customisability, guys! You're too locked down! #changingicons
Score: 8 Votes (Like | Disagree)
dannyyankou Avatar
148 months ago
But ... but ... on my Android phone I don't have to type in passwords! I just have to use 'sIris' to recognise my eye and reveal my debit card details. Admittedly, there are a few flaws ... such as it thinking my eye colour was blue when they're actually brown. And I did manage to unlock my phone by pointing the camera towards a Mr. Potato Head.

But customisability, guys! You're too locked down! #changingicons

But animated wallpapers are so c00l! Who cares if customization opens up the possibility of battery drain, viruses, and hackers? I want my widgets and Swype keyboard!
Score: 6 Votes (Like | Disagree)
bearda Avatar
148 months ago
This kind of surprises me, as Apple still has no password expiration policy or review of older password requirements. I was kind of surprised to find out one of our test accounts has been running around with a... fairly insecure password for a long time without any prompt to change. It definitely wouldn't pass the new account standards now.
Score: 1 Votes (Like | Disagree)
Menel Avatar
148 months ago
C'mon Dicks ... get it up!

you win the internets

----------

Where are the websites with 2 factor auth?

PayPal google?
Msft doesn't even have 2 factor

My Microsoft account that hosts one of my domains, does have two way. Loads into the Google Auth app.
Score: 1 Votes (Like | Disagree)

Popular Stories

iPhone 17 Pro Blue Feature Tighter Crop

iPhone 17 Pro Launching Later This Year With These 12 New Features

Tuesday May 27, 2025 9:10 am PDT by
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices. Below, we recap key changes rumored for the iPhone 17 Pro models as of May 2025: Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models have a titanium frame, and the iPhone X ...
Whatsapp Feature

WhatsApp Teases Long-Awaited iPad App

Monday May 26, 2025 10:23 am PDT by
The popular messaging app WhatsApp has teased a long-awaited iPad app, which would be offered alongside its existing iPhone and Mac apps. The official WhatsApp account on X today reacted with an eyes emoji to a post saying that WhatsApp should release an iPad app. This could be a hint that Meta is gearing up to release WhatsApp for iPad, which has already been available for beta testing via...
WWDC 2025 Banner

WWDC is Just Two Weeks Away: Here Are the Biggest iOS 19 Rumors

Monday May 26, 2025 8:12 am PDT by
WWDC 2025 is just two weeks away as of today, with Apple's opening keynote scheduled for Monday, June 9 at 10 a.m. Pacific Time. During the keynote, Apple is expected to announce iOS 19, iPadOS 19, macOS 16, watchOS 12, tvOS 19, visionOS 3, and other software updates, along with new Apple Intelligence features. In some years, there are also hardware announcements at WWDC, but there are no...
HomePod With Screen Feature

Apple's Rumored Smart Home Hub Has Faced a Disappointing Setback

Monday May 26, 2025 7:18 am PDT by
Apple has scrapped some of the features that it had planned for its long-rumored smart home hub device, according to Bloomberg's Mark Gurman. "I'm told that Apple has pulled some bolder features from the device that could reappear in subsequent models," wrote Gurman, in his Power On newsletter this week. However, he did not reveal any of the specific features that were pulled. Apple made...
top stories 2025 05 24

Top Stories: iPhone 17 Air Details, Apple's Smart Glasses, and More

Saturday May 24, 2025 6:00 am PDT by
WWDC is coming up quickly with a number of software announcements in store, but we're also looking further ahead to hardware launches like the iPhone 17 lineup and even Apple's smart glasses project. This week also saw big news with former Apple design guru Jony Ive joining forces with OpenAI to build future AI-driven devices, while Fortnite returned to the U.S. App Store for the first time...
iCloud General Feature Redux

Apple Raises iCloud+ Prices in Three Countries

Monday May 26, 2025 1:45 pm PDT by
Apple recently raised prices for its iCloud+ plans in Brazil, Chile, and Peru, according to a support document updated last Thursday. The table below outlines the price changes in each country. Country Old Prices New Prices Brazil 50GB: R$ 4.90 200GB: R$ 14.90 2TB: R$ 49.90 6TB: R$ 149.90 12TB: R$ 299.90 50GB: R$ ...
iPhone Top Left Hole Punch Face ID Feature 2

Apple Rumored to Redesign the iPhone Every Year Through to 2027

Tuesday May 27, 2025 5:17 am PDT by
Apple is reportedly preparing to implement significant iPhone hardware redesigns each year for the next three generations. According leaks from the Chinese supply chain disclosed by Weibo user "Digital Chat Station," Apple plans to carry out a series of phased industrial design changes affecting different parts of the iPhone across three consecutive years: 2025, 2026, and 2027. The changes...
maxresdefault

iOS 19 Design Changes Rumored to Extend to Apple TV and Apple Watch

Monday May 26, 2025 6:40 am PDT by
Many of Apple's operating systems will be receiving design changes this year, according to the latest word from Bloomberg's Mark Gurman. Subscribe to the MacRumors YouTube channel for more videos. Gurman previously reported that iOS 19, iPadOS 19, and macOS 16 will have new designs, with added translucency for a more glass-like appearance. In his Power On newsletter this week, he said that the...