When creating passwords for sites and apps, it's important for us to look at what the site requires in terms of password strength. Which of the following shows that the site or app may not have strong enough rules for creating passwords?
1) The number of characters required is very low or there is no minimum defined at all.
2) Special characters are not allowed to be used in the password.
3) The company or organization sends your credentials (username and password) via email at any time, but especially on sign up.
4) The company or organization emails a new password.
5) The company or organization does not confirm your old password before allowing you to change it.