A new report from password manager specialist Dashlane has looked at the state of password security around the world, and claims that many of us still aren’t as protected as we need to be.
In what it claims to be the first global analysis of its kind, Dashlane used its own algorithm to measure the security of its users’ passwords and create a health score out of 100.
The report revealed that Eastern Europe had the highest average score with 76.4, closely followed by the Northern and Western regions of the continent, with scores of 74.3 and 73.4 respectively. Southern Europe was one of the worst performers globally, with an average score of 71.4.
Europe on top
In the next band of scoring were Central and South America, East and South-East Asia, and Southern and Eastern Africa, with scores between 72 and 73.
Amongst the lowest scorers were the Middle East, Central and Southern Asia, Northern and Western Africa, and Oceania. North America came dead last with a score of 69.1, with close to 20% of all its passwords being compromised.
According to Dashlane, scores of 90 and above are considered good, with anything below requiring improvement, so it looks like the whole world needs to do better, something that password generators could potentially use.
Dashlane’s scoring algorithm
Dashlane scored its users based on the vulnerabilities it identifies and the quality of your most important passwords, such as those used for banking, email and social media. Its algorithm constantly works in the background of your system to make its assessments and focuses on four key areas.
It checks to see if there have been any data breaches relating to your accounts by monitoring the dark web, and flags potentially leaked passwords. It also deducts points from your score if you have any similar passwords to those that have been compromised. The algorithm will also check for the number of reused or similar passwords across accounts, and the more you have, the lower your score.
The strength of each individual password is also measured, using the industry standard zxcvbn score – the same employed by most websites and platforms that tell you the strength of your newly created password.
Dashlane’s algorithm also excludes certain passwords from the scoring system, as they argue that not all passwords are indicative of your overall health – some have certain restrictions that the user cannot affect, such as passcodes for smartphones and Wi-Fi passwords. Also likely to be excluded are credentials from its business password manager branch.
- Find out if Dashlane features in our choice of the best password managers