More than a decade after first examining the issue, research by the University of Plymouth has shown most of the top 10 English-speaking websites offer little or no advice guidance on creating passwords that are less likely to be hacked [phys.org].
Some still allow people to use the word 'password', while others will allow single-character passwords and basic words including a person's surname or a repeat of their user identity.
Professor of Information Security Steve Furnell conducted the research, having carried out similar assessments in 2007, 2011 and 2014.
Have password restrictions ever helped?