The safe password rules are simple and well known:
1. Eight chars minimum.
2. At least three different types of chars out of these four: small and large letters, digits and special symbols.
3. No known words of any language and no names, not even interchanged with digits like 3 for E, 5 for S, 1 for l or 7 for T.
4. HTTPS secure login.
5. Never show or transmit unencrypted passwords.
Unfortunately too many website designers don't even know these rules or don't care to enforce them on their members. Some sites don't even allow special symbols or do not have a minimum length requirement.
If your site stores even more sensitive information like credit card data, SSNs &c. then this requirements and more are even prescribed by industry standards and in some cases even the law.
It's too bad PSN didn't care about any of this. They could have at least accepted PayPal payments, so that credit card data would not have been stored on their servers.
1. Eight chars minimum.
2. At least three different types of chars out of these four: small and large letters, digits and special symbols.
3. No known words of any language and no names, not even interchanged with digits like 3 for E, 5 for S, 1 for l or 7 for T.
4. HTTPS secure login.
5. Never show or transmit unencrypted passwords.
Unfortunately too many website designers don't even know these rules or don't care to enforce them on their members. Some sites don't even allow special symbols or do not have a minimum length requirement.
If your site stores even more sensitive information like credit card data, SSNs &c. then this requirements and more are even prescribed by industry standards and in some cases even the law.
It's too bad PSN didn't care about any of this. They could have at least accepted PayPal payments, so that credit card data would not have been stored on their servers.