PlumberSurplus.com Ecommerce and Entrepreneurship Blog | About | Contact | PlumberSurplus.com Store

Twitter Assists Users by Denying Poor Passwords

Posted on January 27, 2010 by Archives

Recently Twitter.com implemented some password standards for their new users. If you view their source on the sign up page you can find a password list of around 370 banned passwords. Try searching for "twttr.BANNED_PASSWORDS" to see it. It consists of things like simple combinations of numbers, first names, team names and food.  Here are some examples of banned passwords on Twitter:

1234567
abc123
apples
batman
corvette
freddy
iloveyou
lakers
startrek
thx1138
yellow

While this is a step to helping users create stronger passwords it doesn't do much to educate them.  Twitter provides prompts such as “6 characters or more (be tricky!)” for instructions on creating a password.  If the password is part of the banned passwords they get a “Too obvious” warning that doesn't really look like a warning.  Oh and while "cheese" doesn't work as an acceptable password "cheesy" is approved as a welcomed Twitter password.

 

Twitter Password Too Obvious

 

A better approach would be to show the user some aspects of a strong password.  For instance, a combination of upper and lower case letters, numbers, special characters and not using a dictionary word. I do not feel those are covered by “be tricky.”  Google does a good job of providing information on what they consider a good password as a link in their account creation.

It really comes down to user education.  Having strong password requirements might hinder the user experience initially, but will ultimately help the user experience in the long run as it's a step against their account being compromised.

 

blog comments powered by Disqus