This repository contains the dataset from our SOUPS 2022 paper Password policies of most top websites fail to follow best practices. We visited websites from October 2021 to December 2021.
Our project website can be found here.
overview.xlsxcontains our full findings, including raw text we extracted, regular expressions, and websites we had skipped.- Some of the regular expressions that could not be easily-encoded are in
*.pyfiles.
*.tsvfiles contain the passwords we tested at each website. Each line contains the password's guess number as determined by PGS, and whether or not it was accepted by the website. For tested leaked passwords, we also include the position of the passwords on the HIBP-NCSC-100k list.
psm-findings.xlsxcontains our findings on password strength meters.*.tsvfiles contain the 100 easiest-guessed passwords tested at each website's strength meter. Each line contains the password's guess number as determined by PGS, and its feedback on the strength meter (1 being the lowest, refer topsm-findings.xlsxfor scale).