The research authors claimed that such passwords`unsafety keeps the personal information demonstrated to financial theft. Less than a half of the interviewed trading platforms stipulate password strength assessment tools.
According to the new survey, some popular crypto exchanges let their customers to explore dangerously weak watchwords. 43 % of the platforms allow users to make accounts choosing passwords with fewer than 8 points. The study also reveals that 34 % platforms do not demand alphanumeric passwords at all. The testers mainly could set up accounts with watchwords using plain combinations of numbers and letters, for example “12345” or words like “password”.
The digital security company Dashlane regularly presents the annual Cryptocurrency Exchange Password Power Rankings. They have checked 35 of the leading trading platforms in the world inspecting their password security. Researchers examined if exchanges provide strength assessment tools, email confirmation (activation) and 2FA (two-factor authentication). They revealed that over 50 % of the platforms supplied account keepers with tools like meters of a color-code bars. In conclusion the authors claimed that such insecure practices can leave many customers`accounts to hacking or financial theft.
Emmanuel Schalit (Dashlane CEO) said that the above-mentioned study should “serve as a wake-up call to the entire industry”. He considers that signing up for a cryptocurrency exchange is like signing up for a bank account. He also stated “it`s critical that your account is locked down on the security front”.
During the exchange survey each platform was being tested on five critical password and account security positions. Then they have been ranked according to the received points. Only 10 platforms correspond to all 5 criteria. These are Bitcoin.de, BitMEX, BTCC, Cobinhood, Coinbase, Cryptopia, Gemini, Huobi, itBit, and Paxful.
Experts recommend users to generate their passwords with no less than 8 symbols for each online account they open. Enabling 2FA is critical and should definitely not be skipped even when you log in for the first time.