Keep your passwords strong and secure
AVM Content
A modern supercomputer can crack simple passwords such as "123456" or "password" in a matter of seconds. In many cases, weak passwords represent a potential security risk. By following the tips below, you can better protect your data and your identity.
1) Be creative
In the past, we were told that the longer and more complex a password was, the more secure it was. However, since this resulted in many users using these passwords multiple times, experts now recommend using passwords that are "easy to remember" but "hard to guess." Two strategies are recommended for this: either a short and complex password or a long and less complex password.
For example, for a short and complex password of 8-12 characters, you can come up with an easy-to-remember phrase and use only the first letters of the words. You can then add some numbers and special characters. Avoid sequences of adjacent letters on the keyboard and do not use known and ascending sequences of numbers.
For a long password of 20 to 25 characters, for example, you can randomly select 5 to 6 words from the dictionary, each separated by a space or special characters. Additional information on creating secure passwords can also be found at the US National Institute of Standards and Technology or the German Federal Office for Information Security (BSI), for example.
2) Use each password for only one account
Never use a password for more than one account. In the event that one of your passwords is cracked or otherwise becomes known to others, your other accounts are still protected against unauthorized access.
3) Use a password manager
If you're signed up to and registered on various websites and apps, you'll most likely have a number of different accounts, all with individual passwords. A password manager helps here, meaning you don't have to memorize dozens of different passwords. You just have to remember one master key or password, and you have all your login details in one place.
4) Use multi-factor authentication
Whenever possible, you should use two-factor authentication for the services you are logged into. In the unlikely event that a password gets lost, your accounts are additionally protected against unauthorized access. Examples of two-factor authentication include one-time passwords (OTPs) for online banking, authenticator apps or FIDO2 keys.
5) Has your password been stolen? Take the test!
Your private data and passwords may already have been exposed to the public. Germany's Hasso Plattner Institute allows you to check if your personal data has been stolen in criminal cyber attacks. You can consult their Identity Leak Checker to determine whether an email address or password has been compromised and made public on the internet.
Checklist – how to choose a secure password
- Use passwords that are easy for you to remember, but difficult for others to guess
- Avoid using names or sequences of familiar and ascending digits in your passwords
- The German Federal Office for Information Security and the German Consumer Advice Center recommend at least eight characters for short and complex passwords and at least 20 characters for long and less complex passwords
- Create a unique password for each account
- If you have many different accounts, you should consider using a password manager with a master key
- Use two-factor authentication where possible. More and more internet services are offering this option.
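The parts of this checklist that can be tested on a single password, written as a small checker. This is an added example, not code from AVM, BSI or NIST; the function names, the QWERTY layout and the run length of 4 are assumptions, and reuse across accounts cannot be checked this way.

```python
KEYBOARD_ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")  # QWERTY assumed
RUN = 4  # assumed run length worth flagging; the article gives no number
KNOWN_WEAK = {"123456", "password"}  # the two examples the article names


def has_keyboard_run(pw, run=RUN):
    """True if pw contains `run` neighbouring keys of one row, in either direction."""
    low = pw.lower()
    for row in KEYBOARD_ROWS:
        for seq in (row, row[::-1]):
            if any(seq[i:i + run] in low for i in range(len(seq) - run + 1)):
                return True
    return False


def has_ascending_digits(pw, run=RUN):
    """True if pw contains `run` digits that each count up by one, e.g. 2345."""
    streak = 1
    for prev, cur in zip(pw, pw[1:]):
        if prev.isdecimal() and cur.isdecimal() and int(cur) - int(prev) == 1:
            streak += 1
            if streak >= run:
                return True
        else:
            streak = 1
    return False


def check_password(pw):
    """Return (strategy, problems); an empty problems list means the checks pass."""
    problems = []
    if pw.lower() in KNOWN_WEAK:
        problems.append("commonly used password")
    if has_keyboard_run(pw):
        problems.append("keyboard sequence")
    if has_ascending_digits(pw):
        problems.append("ascending digits")
    if len(pw) >= 20:
        return "long", problems  # long and less complex: length carries the weight
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    # Short and complex: letters plus numbers and special characters, as in tip 1.
    if not any(c.isalpha() for c in pw):
        problems.append("no letters")
    if not any(c.isdigit() for c in pw):
        problems.append("no digits")
    if all(c.isalnum() for c in pw):
        problems.append("no special characters")
    return "short", problems
```

Passing these checks only means a password avoids the listed patterns; it says nothing about whether the password has appeared in a leak.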