Researchers at IU have discovered a simple way to foil criminals intent on breaking into university data. To investigate the impact of policy on password reuse, the study analyzed password policies from 22 different U.S. universities, including their home institution, IU. Next, they extracted sets of emails and passwords from two large data sets that were published online and contained over 1.3 billion email addresses and password combinations. Based on email addresses belonging to a university’s domain, passwords were compiled and compared against a university’s official password policy. The findings were clear: Stringent password rules significantly lower a university’s risk of personal data breaches.
ORIGINAL SOURCE: Help Net Security