“More than half of the websites in the study accepted passwords with six characters or less, with 75% failing to require the recommended eight-character minimum. Around 12% of had no length requirements, and 30% did not support spaces or special characters.”
A recent PG forum thread is discussing it. PG deemed it not secure enough almost three years ago, based on solid reasoning.
However, that was three years ago and the product has altered dramatically. I just don’t think it’s been resuggested/evaluated since then.
PG forum users (and PG itself) are pretty inconsistent with how they judge stuff. Not trusting one company (Filen) because there were issues three years ago (and are now, as I understand it, fully addressed) but totally trusting another company (Brave browser) despite repeated actions that erode trust is odd behaviour.
I’m a filen user myself, just in the interests of full disclosure.
Disclaimer: not a security expert at all, just a working knowledge. However, what I read 18 months or so after reading that github thread was enough to reassure me.
I may be being overly pedantic here but that statement, whilst I don’t doubt its good intent, always reads to me like a bit of a get out of jail free card.
I’m not sure how much weight you can place on a recommendation when the full criteria isn’t know and can be changed on a whim. And yes, I’m aware I can browse the forum, ask and see for myself but I’m not sure your average user is going to feel confident enough to do that.
Largest Study of its Kind Shows Outdated Password Practices are Widespread (www.cc.gatech.edu)
“More than half of the websites in the study accepted passwords with six characters or less, with 75% failing to require the recommended eight-character minimum. Around 12% of had no length requirements, and 30% did not support spaces or special characters.”
Filen.io not on the list privacyguides.org
I’m just wondering why Filen.io isn’t included in the privacyguides.org. It’s great cloud service with execlent privacy and good pricing too.