Enforce Password Strength Rules on Your Users
Now that weâve covered storage, letâs talk about the password itself. Most users arenât security conscious, so you have to help the user when selecting a password. The table is a top-ten list of the most popular passwords from 2014[49] Itâs obvious that people donât really think about account security.
Table 1. Top-ten Passwords of 2014
| Position | Password | 2014 Rank | | | Position | Password | 2014 Rank |
|---|---|---|---|---|---|---|
| 1. | 123456 | Unchanged | | | 6. | 123456789 | Unchanged |
| 2. | password | Unchanged | | | 7. | 1234 | Up 9 |
| 3. | 12345 | Up 17 | | | 8. | baseball | New |
| 4. | 12345678 | Down 1 | | | 9 | dragon | New |
| 5. | qwerty | Down 1 | | | 10. | football | New |
Donât let your users use common dictionary passwords, because your high-tech security measures are useless if the user is using ...
Get Secure Your Node.js Web Application now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
