Website Password Security Versus Usability!
Website security is a prime concern that businesses must deal with today. This is because cyber theft is on the rise, and a business could be liable if a client’s or customer’s sensitive information is stolen. This is why a good web design must provide secure options for customer security. Unfortunately, general passwords fail to protect against hackers 90 percent of the time. This leaves the question of password security, versus website usability. To get the best of both, a web design should include something different – pass-phrases. –
Passwords Must Be Secure
The fact that passwords must be secure is is an obvious statement, but one that is often very overlooked. The truth is, most people do not create secure passwords, and most passwords can be easily hacked with password cracking programs in only a few minutes. Secure passwords are random, long, and contain a variety of character types, which makes cracking them much more difficult. A good password is 12 to 15 characters long and includes numbers and symbols, making it much more difficult to hack – even for a program.
On the contrary, most people create passwords that have some kind of significance to them, so they are easy to remember. Passwords comprised of names, dates and meaningful words top the list, and most are not nearly as long as they should be. Unfortunately, these combinations are easy to hack. Companies provide the best protection when their website design requires a more complex password.
Passwords Must Be Memorable
The problem with complex passwords is that people forget them, and because of this website usability goes down. When it becomes difficult to remember a 15-character password, including digits and symbols, many users get frustrated when they cannot remember what they chose. This does a number of things, from increasing the number of users who simply stop using a site, to increasing the money that a company must spend on help desk problems related to password use and account access.
When password security is high, website usability goes down; but when usability is high, password security is usually low. So what should a company in today’s world do to keep their customers safe, while still keeping website usability high?
Combine Security and Usability with Pass-phrases
One option that many businesses are having success with is requiring pass-phrases instead of passwords. A passphrase is a string of words that, when typed without spaces, can create a very strong password. Phrases are typically more memorable than words, numbers and symbols, plus they are much longer, adding strength. For every additional character added to a pass-phrase, it becomes exponentially harder to crack. Therefore, it is easy to understand why phrases, rather than words and numbers, would be preferable. Pass-phrases are also less likely to be guessed.
While there is an actual science behind what a strong pass-phrase actually is, and how to prevent different types of attacks to crack passwords, pass-phrase technology can easily be added to a web design. Users are prompted about how to create a good pass-phrase, and which words are not acceptable, until they create one that is both long enough, and memorable. Because of fewer restrictions on creating a password, users are much more likely to create a phrase they will actually remember, and one that does not require random numbers, symbols and capitalization.
With studies on this topic indicating that pass-phrases have a much higher rate of user retention and website usability, business owners should consider a-dding pass-phrases to their web design. Websites that require users to register and login are much more safe, and less susceptible to being hacked when a pass-phrase requirement is incorporated into their web design!