In a comprehensive study of the password security policies of 100 e-commerce websites, Apple was the only site to receive a perfect score of 100.

Conducted by password-management company Dashlane (via Ars Technica), the Personal Data Security in E-Commerce Security Roundup [PDF] examined the password policies at various sites using 24 different criteria like acceptance of weak passwords and whether or not entry is blocked after failed attempts.

passwordscores

The roundup assesses the password policies of the top 100 e-commerce sites in the US by examining 24 different password criteria that Dashlane has identified as important to online security, and awarding or docking points depending upon whether a site meets a criterion or not. Each criterion is given a +/- point value, leading to a possible total score between –100 and 100 for each site.

While Apple was the only company to earn a score of 100, other companies, like Microsoft, Newegg, and Target also received high scores while Major League Baseball, Toys R Us and Aeropostale received some of the lowest scores.

The study revealed that 55 percent of online retailers accepted weak passwords like "password" or "123456" and 51 percent made no attempt to block entry after 10 incorrect password entries. 61 percent did not provide advice on how to create a strong password, and 93 percent did not provide an on-screen password strength assessement.

Apple, however, met and exceeded all criteria as the company has notoriously stringent password rules to encourage its users to create strong passwords.

Some retailers may argue that such requirements impede user convenience, but companies such as Apple, arguably the most famous brand on the list, have shown that it is possible to be both secure and successful. In every category we tested, Apple implemented the 4 simple policies and procedures we recommend above. These policies resulted in the company being awarded the only perfect score in the study.

When a new Apple ID account is created, users must have a password with at least eight characters, one lower case letter, one capital letter, and one number. The password cannot contain multiple identical consecutive characters, it can't be a common password, and it can't be the same as the account name.

Apple will also rate passwords as weak, moderate, or strong and it asks users to create security questions as well. When logging in with an Apple ID, three attempts at entering the wrong password will prompt a password reset via security questions or email authentication.

As noted by Ars Technica, while the study looks at several aspects of password management, it does avoid some important criteria such as whether sites allow password entry through unencrypted HTTP password connections or allow resets via security questions.

Top Rated Comments

UnfetteredMind Avatar
UnfetteredMind
156 months ago
C'mon Dicks ... get it up!
Score: 9 Votes (Like | Disagree)
keysofanxiety Avatar
keysofanxiety
156 months ago
But ... but ... on my Android phone I don't have to type in passwords! I just have to use 'sIris' to recognise my eye and reveal my debit card details. Admittedly, there are a few flaws ... such as it thinking my eye colour was blue when they're actually brown. And I did manage to unlock my phone by pointing the camera towards a Mr. Potato Head.

But customisability, guys! You're too locked down! #changingicons
Score: 8 Votes (Like | Disagree)
dannyyankou Avatar
dannyyankou
156 months ago
But ... but ... on my Android phone I don't have to type in passwords! I just have to use 'sIris' to recognise my eye and reveal my debit card details. Admittedly, there are a few flaws ... such as it thinking my eye colour was blue when they're actually brown. And I did manage to unlock my phone by pointing the camera towards a Mr. Potato Head.

But customisability, guys! You're too locked down! #changingicons

But animated wallpapers are so c00l! Who cares if customization opens up the possibility of battery drain, viruses, and hackers? I want my widgets and Swype keyboard!
Score: 6 Votes (Like | Disagree)
bearda Avatar
bearda
156 months ago
This kind of surprises me, as Apple still has no password expiration policy or review of older password requirements. I was kind of surprised to find out one of our test accounts has been running around with a... fairly insecure password for a long time without any prompt to change. It definitely wouldn't pass the new account standards now.
Score: 1 Votes (Like | Disagree)
Menel Avatar
Menel
156 months ago
C'mon Dicks ... get it up!

you win the internets

----------

Where are the websites with 2 factor auth?

PayPal google?
Msft doesn't even have 2 factor

My Microsoft account that hosts one of my domains, does have two way. Loads into the Google Auth app.
Score: 1 Votes (Like | Disagree)
Read All Comments

Popular Stories

Apple Wallet ID Illinois

Apple Plans to Expand iPhone Driver's Licenses to These 7 U.S. States

Wednesday December 24, 2025 8:40 am PST by
In select U.S. states, residents can add their driver's license or state ID to the Apple Wallet app on the iPhone and Apple Watch, and then use it to display proof of identity or age at select airports and businesses, and in select apps. The feature is currently available in 13 U.S. states and Puerto Rico, and it is expected to launch in at least seven more in the future. To set up the...
Read Full Article47 comments
iPhone Top Left Hole Punch Face ID Feature Purple

iPhone 18 Pro Launching Next Year With These 12 New Features

Tuesday December 23, 2025 8:36 am PST by
While the iPhone 18 Pro and iPhone 18 Pro Max are not expected to launch for another nine months, there are already plenty of rumors about the devices. Below, we have recapped 12 features rumored for the iPhone 18 Pro models. The same overall design is expected, with 6.3-inch and 6.9-inch display sizes, and a "plateau" housing three rear cameras Under-screen Face ID Front camera in...
Read Full Article95 comments
iOS 26

iOS 26.2 Adds These 8 New Features to Your iPhone

Monday December 22, 2025 8:47 am PST by
Earlier this month, Apple released iOS 26.2, following more than a month of beta testing. It is a big update, with many new features and changes for iPhones. iOS 26.2 adds a Liquid Glass slider for the Lock Screen's clock, offline lyrics in Apple Music, and more. Below, we have highlighted a total of eight new features. Liquid Glass Slider on Lock Screen A new slider in the Lock...
Read Full Article
maxresdefault

10 Mac Apps Worth Trying in 2026

Wednesday December 24, 2025 9:27 am PST by
2026 is almost upon us, and a new year is a good time to try out some new apps. We've rounded up 10 excellent Mac apps that are worth checking out. Subscribe to the MacRumors YouTube channel for more videos. Alt-Tab (Free) - Alt-Tab brings a Windows-style alt + tab thumbnail preview option to the Mac. You can see a full window preview of open apps and app windows. One Thing (Free) -...
Read Full Article88 comments
maxresdefault

Where's the New Apple TV?

Monday December 22, 2025 11:30 am PST by
Apple hasn't updated the Apple TV 4K since 2022, and 2025 was supposed to be the year that we got a refresh. There were rumors suggesting Apple would release the new Apple TV before the end of 2025, but it looks like that's not going to happen now. Subscribe to the MacRumors YouTube channel for more videos. Bloomberg's Mark Gurman said several times across 2024 and 2025 that Apple would...
Read Full Article168 comments
Foldable iPhone 2023 Feature Iridescent Search

Samsung Developing 'Wide Fold' With iPhone Fold-Like Design Ahead of Apple's 2026 Launch

Tuesday December 23, 2025 11:55 am PST by
Samsung is working on a new foldable smartphone that's wider and shorter than the models that it's released before, according to Korean news site ETNews. The "Wide Fold" will compete with Apple's iPhone Fold that's set to launch in September 2026. Samsung's existing Galaxy Z Fold7 display is 6.5 inches when closed, and 8 inches when open, with a 21:9 aspect ratio when folded and a 20:18...
Read Full Article86 comments
iOS 26

iOS 26.3 Brings AirPods-Like Pairing to Third-Party Devices in EU Under DMA

Monday December 22, 2025 3:20 pm PST by
The European Commission today praised the interoperability changes that Apple is introducing in iOS 26.3, once again crediting the Digital Markets Act (DMA) with bringing "new opportunities" to European users and developers. The Digital Markets Act requires Apple to provide third-party accessories with the same capabilities and access to device features that Apple's own products get. In iOS...
Read Full Article100 comments
iphone fold 3d print

Have a 3D Printer? You Can Make Your Own iPhone Fold Dummy

Tuesday December 23, 2025 1:31 pm PST by
Apple is working on a foldable iPhone that's set to come out in September 2026, and rumors suggest that it will have a display that's around 5.4 inches when closed and 7.6 inches when open. Exact measurements vary based on rumors, but one 3D designer has created a mockup based on what we've heard so far. On MakerWorld, a user named Subsy has uploaded a 1:1 iPhone Fold replica (via Macworld), ...
Read Full Article125 comments
iPhone SE Cosmopolitan Clean

Apple Discontinued These 25 Products This Year

Wednesday December 24, 2025 7:24 am PST by
With the end of 2025 near, the time has come to look back at the devices and accessories that Apple discontinued throughout the year. Most of the products that were discontinued this year were simply replaced by a new model with an updated chip. However, the iPhone SE line was entirely discontinued when the iPhone 16e launched, and the iPhone Plus line is being phased out. Below, we have...
Read Full Article13 comments