Creating secure passwords

You are spoiled for choice, as the saying goes. Many Internet users find choosing the right passwords especially difficult. It is no wonder that poorly chosen passwords like ‘123456’ or ‘qwert’ rank high on the list of particularly common IT security failures. Those who do take the trouble to use a more complicated password often use one and the same password for many different programs, services or accounts.

How secure is my password?

Hackers have tools that automatically try out all possible character combinations, test entire dictionaries including common combinations of words and appended numbers, or try access data that was once published on the Internet against all kinds of services. To prevent this, a password should meet certain quality requirements and should be used for only one account.

In addition, passwords are not only used to protect confidential data. Example: It is now common to be able to create an account with a wide variety of providers on the Internet. The login to this account is protected with a password. What could happen if someone logs in there under your name? Who would want strangers to be able to send e-mails or buy expensive goods on the Internet under their name?

Therefore: Follow these recommendations for the creation and handling of passwords – and you will do something for the security of your data and accounts.

Source: Federal Office for Information Security (BSI)

Two-factor authentication for higher security:

Password check – tips for a good password

  • There are no limits to your creativity when choosing a password. It is important that you can remember the password well. There are different strategies to help with this: One person memorizes a sentence and uses only the first letter of each word (or only the second or last one). Afterwards, certain letters may be changed into numbers or special characters. Another uses a whole sentence as a password or strings together different words, connected by special characters. Another option is to randomly choose 5-6 words from the dictionary and separate them with a space. This results in a password that is easy to remember, easy to type, and difficult for attackers to break.
  • Basically: The longer, the better. A good password should be at least eight characters long.
    For WLAN encryption methods such as WPA2 or WPA3, for example, the password should be at least 20 characters long. So-called offline attacks are possible here, which also work without a standing network connection.
  • For a password you can usually use all available characters, for example upper and lower case letters, digits and special characters (space, ?!%+…). Some online service providers impose technical specifications for the characters that may or must be used. If your system allows umlauts, keep in mind when traveling abroad that these may not be available on country-specific keyboards.
  • Not suitable as passwords are names of family members, the pet, the best friend, the favorite star, dates of birth and so on. If possible, the complete password should not appear in dictionaries. It should also not consist of common variants, repetitions or keyboard patterns such as "asdfgh" or "1234abcd". Some providers check passwords against a so-called "black list", in which exactly such unsuitable passwords are stored. If you try to use one of them, you will get a notice that the password is not allowed in this form or is not secure.
  • Appending simple digits to the end of the password, or adding one of the common special characters $ ! ? # to the beginning or end of an otherwise simple password, is not recommended.
  • Use a password manager to keep your various passwords well managed, and secure it with a strong password. This way you only have to remember one good password and you can still use very strong passwords that are different everywhere.

Length and complexity: two key features

A strong password can be "shorter and more complex" or "long and less complex". But how long and how complex should it be at least? The following examples give orientation:
A password is secure if, for example, it:

  • is 20 to 25 characters long and uses two types of characters (for example, a sequence of words). It is then long and less complex.
  • is 8 to 12 characters long and uses four character types. It is then shorter and complex.
  • is 8 characters long, uses three character types, and is additionally secured by multi-factor authentication (for example, by a fingerprint, app confirmation, or PIN). This is generally recommended.
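The three length/complexity examples above and the checks from the tips list (black list, keyboard patterns, digits or special characters attached to a simple password) can be combined into one password check. The following Python sketch is an added example, not code from the BSI or from this page. It assumes the stated lengths are minimums (following "the longer, the better"), uses a small constructed deny list, and its pattern heuristics are illustrative assumptions.

```python
import re

# Constructed sample deny list; a real "black list" holds far more entries.
DENY_LIST = {"123456", "qwert", "asdfgh", "1234abcd", "password"}
KEYBOARD_ROWS = ("1234567890", "qwertzuiop", "qwertyuiop", "asdfghjkl")
AFFIX = r"[\d$!?#]+"  # digits and the special characters the page names

def char_types(pw):
    """Count the character types present: lower, upper, digit, special."""
    tests = (str.islower, str.isupper, str.isdigit, lambda c: not c.isalnum())
    return sum(any(t(c) for c in pw) for t in tests)

def weak_reasons(pw):
    """Return the reasons from the tips list for rejecting a password."""
    low, reasons = pw.lower(), []
    if low in DENY_LIST:
        reasons.append("on deny list")
    # Assumption: five consecutive keys of one keyboard row count as a pattern.
    if any(low[i:i + 5] in row for row in KEYBOARD_ROWS
           for i in range(len(low) - 4)):
        reasons.append("keyboard pattern")
    # Strip digits/symbols from both ends and look at what is left.
    core = re.sub(rf"^{AFFIX}|{AFFIX}$", "", low)
    # Assumption: "otherwise simple" means a denied string or one run of letters.
    if core != low and (core in DENY_LIST or core.isalpha()):
        reasons.append("simple password with digits or symbols attached")
    return reasons

def assess(pw, mfa=False):
    """Match pw against the three length/complexity examples, then the checks."""
    n, t = len(pw), char_types(pw)
    if n >= 20 and t >= 2:
        profile = "long and less complex"
    elif n >= 8 and t >= 4:
        profile = "shorter and complex"
    elif mfa and n >= 8 and t >= 3:
        profile = "three types plus multi-factor authentication"
    else:
        profile = None
    reasons = weak_reasons(pw)
    return {"ok": profile is not None and not reasons,
            "profile": profile, "reasons": reasons}
```

A password such as "Sommer2024!" (constructed sample) satisfies the "shorter and complex" example on character types alone, yet `assess` rejects it because it is a single word with digits and a special character attached.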

You can find tips in our fact sheet on secure passwords. In a handy DIN A4 format, it fits on any bulletin board: Download the fact sheet here
