The Sophos Naked security blog ran an article in August that was a disappointing revelation about major online brands that allow ridiculously easy user passwords. Just because a web site will permit you to use a bad password, doesn’t mean you should. Our current recommendation is to use passwords of at least 15 characters, and couple that with two-factor authentication at every opportunity.
The password management program Dashlane performed an audit of 37 online brands and rated their password policies. (To see a larger more readable infographic, click through to the Dashlane blog) Their infographic follows: