Cryptocurrency Exchanges Allow Poor Password Security Practices, Research Finds

Francisco Memoria
  • Password manager Dashlane found that cryptocurrency exchanges allow users to secure accounts with inadequate passwords
  • In one case, a researcher was able to use the letter "a" as his password

Research conducted by password manager Dashlane found that some of the biggest cryptocurrency exchanges allow their users to use poor password security practices, so much so they fall behind the average mainstream website.

Dashlane researchers tested the 35 largest cryptocurrency exchanges, and found that over 70 percent allow their users to secure accounts with inadequate passwords, leaving them “exposed to financial theft due to unsafe password practices.”

Commenting on the results, the company’s CEO Emmanuel Schalit stated:

“Signing up for a cryptocurrency exchange is akin to signing up for a bank account. With your bank account, credit cards, Bitcoin, and other digital assets potentially stored on the exchange, it’s critical that your account is locked down on the security front."

Emmanuel Schalit

The company’s researchers found that 43 percent of cryptocurrency exchanges allow users to create passwords with seven or characters or less, while 34 percent don’t require alphanumeric passwords.

Dashlane pointed out that some exchanges allowed users to open accounts with rather poor passwords like “12345,” or “password.” In one case, researchers note, it was possible to open an account with the letter “a” as its password.

The company’s chief executive added that the fact exchanges allow their users to create inadequate passwords should “serve as a wake-up call to the entire industry.” Dashlane’s researchers ranked every exchange’s password security requirements with a score from one to five, with anything below five being considered “failing and not meeting the minimum threshold for good password security.

The results can be seen below:

dashlane.jpg

Dashlane further looked at whether exchanges require passwords with eight or more characters and alphanumeric combinations. Researchers also looked for “password strength assessment” tools on the exchanges they tested, as well as email confirmation mechanisms and two-factor authentication (2FA).

The password manager’s press release notes that after opening an account with an exchange, users should enable 2FA. Per the release, there’s no scenario where a user should skip this step, and every legitimate exchange should allow 2FA.

When compared to results from previous research Dashlane conducted, cryptocurrency exchange didn’t do too well. Per the release, mainstream websites like Apple, Facebook, and PayPal only had a 36 percent failure rate, while crypto exchanges were at 71 percent.

Warren Buffett’s Berkshire Hathaway Posts $49.75 Billion in Q1 Losses

Michael LaVere
  • Warren Buffett's Berkshire Hathaway has sold the firm's entire stake in the four major US Airlines.
  • Berkshire posted $49.75 billion in first quarterly losses, citing the impact of COVID-19 on businesses and investments. 

Legendary investor Warren Buffett has dumped US airline stocks after his firm Berkshire Hathaway posted $49.75 billion in losses in the first quarter of the year. 

Berkshire Hathaway has sold the firm’s entire holdings in the four major U.S. airlines. Buffett warned investors the “world has changed” for the aviation industry in response to the ongoing coronavirus pandemic. 

Buffett continued, saying the economic shock of the outbreak will have an “extraordinarily wide” range of possible outcomes for the market, including the impact on his own investment firm. In a regulatory filing, Berkshire revealed $49.75 billion in losses through the first quarter of the year. The company attributed the losses primarily to the massive drop in its investments and businesses as a result of the COVID-19 pandemic. 

Berkshire Hathaway operates various businesses deemed essential, including in the transportation, insurance, energy, and utility sectors. These saw their activity slow down, while retail, manufacturing, and service businesses of the conglomerate were heavily impacted.

Per Buffett restaurants and entertainment venues were shuttered, forcing Berkshire to protect its stakes by grant leaves for employees and cutting salaries and capital spending plans. Buffett was quoted as saying:

While we believe that these necessary actions are temporary, we cannot reliably predict when business activities at our numerous and diverse operations will normalize. We also cannot predict how these events will alter the future consumption patterns of consumers and businesses we serve.

Speaking in a virtual annual meeting from his home in Omaha, Nebraska, Buffett told shareholders the company’s withdrawal from the airline business had come at a substanial loss. 

He said, 

We made that decision in terms of the airline business. We took money out of the business basically even at a substantial loss.

Buffett continued, saying Berkshire refused to fund a company they think will “chew up money” in the future. 

Featured Image Credit: Photo via Pixabay.com