From Deloitte CIO Journal
“More than 90 percent of user-generated passwords are vulnerable to hacking. Inadequate password protection can lead to billions of dollars in losses, declining confidence in Internet transactions, and significant damage to the attacked company's reputation. Today's eight-character password is simply no longer good enough.”