Do companies care about our online security?

I recently released my last project.

It is a lightweight, free and easy-to-use web service that lets users know whether a password is strong enough that hackers can’t guess it.

The plain password is never revealed because users don’t send it. They send just the hash of the password, which makes it next to impossible to determine what the real password is. Communication with the web service is secure: it goes over HTTPS all the way.

It is extremely fast (responses in a tenth of a second) and it has the potential to make sign-up code simpler. Instead of having to code complex and difficult password requirements, you can just call the service, and it tells you whether that password is secure with a yes or no (0 or 1).
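The flow described above, sketched locally as an added example; it is not passable.io's code or API. SHA-256, the tiny word list, the mutation rules and the meaning of the return value (1 = acceptable, 0 = weak) are assumptions. It shows a password like Superman1 passing typical composition rules while a hash lookup rejects it.

```python
import hashlib
import re

# Constructed sample list (assumption); a real list would be far larger.
WEAK_WORDS = ["password", "superman", "qwerty", "letmein", "dragon"]

def variants(word):
    """Mutations people commonly apply to satisfy composition rules."""
    for base in (word, word.capitalize(), word.upper()):
        yield base
        for suffix in ("1", "123", "!", "1!"):
            yield base + suffix

def sha256_hex(password):
    # Assumption: SHA-256; the post does not name the hash function.
    return hashlib.sha256(password.encode("utf-8")).hexdigest()

# Server side: only digests of known-weak passwords are kept for lookup.
WEAK_HASHES = {sha256_hex(v) for w in WEAK_WORDS for v in variants(w)}

def meets_composition_rules(password):
    """Typical sign-up rule: 8+ characters with upper, lower and digit."""
    return (len(password) >= 8
            and re.search(r"[A-Z]", password) is not None
            and re.search(r"[a-z]", password) is not None
            and re.search(r"\d", password) is not None)

def client_digest(password):
    """Client side: hash locally so only the digest leaves the machine."""
    return sha256_hex(password)

def service_check(digest):
    """Server side (hypothetical): 0 if the digest is known-weak, else 1."""
    return 0 if digest.lower() in WEAK_HASHES else 1

def signup_decision(password):
    """Compare what composition rules say with what the lookup says."""
    return {
        "composition_ok": meets_composition_rules(password),
        "service_result": service_check(client_digest(password)),
    }

if __name__ == "__main__":
    for candidate in ("Superman1", "correct-Horse-7-battery"):
        print(candidate, signup_decision(candidate))
```

The lookup can match only because digests of guessable passwords can be computed in advance, which is also why the digest of a weak password should be handled as sensitive data.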

You can reach it at https://passable.io

So, I decided to start promoting it. My plan included the following, in no particular order:

  • Create comprehensive documentation on the website.
  • Try to reach potential users (developers).
  • Identify the most visited websites and check if they allow users to sign up with hackable passwords. Contact them to let them know if they do.
  • Write articles to spread the word about the project.

So, to perform the third point, I searched Alexa (alexa.com) to get the 1000 most visited websites on the Internet.

Afterwards, I selected the 200 most visited websites and, with those that allow sign-up, tried to create an account using a hackable and weak password that meets the usual password requirements (Superman1).

The results? Just a few companies (Google, Facebook or Microsoft, to name some of them) had mechanisms that don’t allow a user to sign up using a long and weak password.

So I contacted each of the companies that don’t check that users type a strong password, letting them know about that and about the possibility of using my free web service, and asking them to contact me if they needed more info.

So far, I have received no contact from any of those companies, and there was no traffic from them either. I doubt a single one of them has done anything to solve this.

This makes me wonder: do companies care about online security? Hackings like the Apple Cloud leak of celebrity photos could have been avoided had my web service been used or had any other security measure been taken by that company.
