Cryptocurrency Exchanges Allowing Ridiculously Unsafe Passwords
In a bit of irony, a new investigation shows many cryptocurrency exchanges are allowing passwords that are shockingly simple and easy to crack.
Dashlane says it tested 35 of the most popular exchanges and was repeatedly allowed to create accounts with passwords like “12345” and even the word “password.” One exchange also allowed testers to create a password using only the letter “a.”
Forty three percent of the exchanges Dashlane tested allow users to create accounts with passwords containing seven characters or less. In addition, 34% of the exchanges didn’t require numbers in a user’s password.
Dashlane ranked each of the 35 exchanges it tested based on a variety of factors, and placed Bitcoin.de, BitMEX, BTCC, Cobinhood, Coinbase, Cryptopia, Gemini, Huobi, ItBit and Paxful at the top of the list.
Staying Secure on Cryptocurrency Exchanges
The most important thing to do when signing up for an exchange is to enable 2FA authentication. Google Authenticator and Authy are two popular options, although we recommend reading up on Authenticator’s quirks, if you decide to use it.
When it comes to creating solid passwords, Dashlane has a number of recommendations as well:
- Use a unique password for every online account
- Generate passwords that exceed the minimum of 8 characters
- Create passwords with a mix of case-sensitive letters, numbers and special symbols
- Avoid using passwords that contain common phrases, slang, places or names
- Use a password manager to help generate, store and manage your passwords
You can check out the full report from Dashlane here.