Most popular travel sites have unsafe password practices
A new study of password and account security on 55 of the world's most popular travel-related sites reveals that 89 percent leave their users' accounts potentially exposed to hackers due to unsafe password practices.
The research by password management company Dashlane tested each website on five critical password and account security criteria. A site received a point for each criterion it met, for a maximum score of 5/5. Any score below 4/5 was considered failing and not meeting the minimum threshold for good password security.
Only 11 percent (6/55) passed with a score of 4/5 or better, and only one travel-related website, Airbnb, received a perfect 5/5 score. Unlike Airbnb, other household names, including American Airlines and Carnival Cruise Lines failed, receiving a score of 1/5. The websites even allowed Dashlane researchers to set up accounts with alphanumeric passwords '12345' and 'password'.
Failings came in a number of areas, 96 percent of travel sites tested don't provide two-factor authentication, for example. Additionally, Dashlane found that 81 percent of travel sites didn't provide users with a password strength assessment tool during the account creation process.
"I believe that traveling is the single greatest opportunity to de-stress from daily life and broaden our horizons," says Emmanuel Schalit, CEO at Dashlane. "However, the modern traveler has to reckon with the many digital hazards associated with a journey -- from booking flights, to reserving hotel rooms, to renting a car or looking online for recommendations -- which creates many chances for personal data to become compromised. Our intention in ranking travel sites is not to scare people away from one of life's greatest pleasures, but to make the modern traveler more aware. The days of worrying about just pickpockets are over, digital thieves are the real threat."
You can see more of the findings on the Dashlane blog and there's an infographic of the overall rankings below.