It is said that those who have the choice are spoiled for choice. Many Internet users find it particularly difficult to choose the right passwords. Is it any wonder that poorly chosen passwords like '123456' or 'qwert' are high on the hit list of particularly common IT security deficiencies? Those who do make the effort to choose a slightly more complicated password often reuse that same password for many different programs, services or accesses.

How secure is my password?

Hackers have tools that fully automatically try out all possible combinations of characters, test entire dictionaries including common combinations of words and added numbers, or take access data that has been published on the Internet once and try it against all possible services.

To prevent this, a password should meet certain quality requirements and only ever be used for one access. In addition, passwords are not just used to protect confidential data. An example: It is now common practice to be able to create an account with a wide variety of providers on the Internet. Logging into this account is protected with a password. What could happen if someone logs in under your name? Who would want strangers to be able to send emails under their name or bid on expensive goods on the Internet?

Therefore: Follow the recommendations below for creating and dealing with passwords - and you will be doing something to ensure the security of your data and accounts.

What a password has to do with pizza, source: Federal Office for Information Security (BSI)

What does your password have to do with pizza?

Think of a sentence that contains at least one number, for example:

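„Am liebsten esse ich Pizza mit vier Zutaten und extra Käse!“ (German; in English: "My favourite thing to eat is pizza with four ingredients and extra cheese!") => AleiPm4Z+eK!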

So just remember the first letter of each word, the number word as a number, the “and” as a plus sign and the punctuation mark, and you have a strong and secure password.

Two-factor authentication for greater security:

Many online service providers now offer procedures with which users can identify themselves in addition to entering a password when they log into an account. This so-called two-factor authentication is available in numerous variants, which can range from an individual code via SMS to a hardware-supported TAN generator. In any case, a login with a second factor offers a higher level of security than just entering a username and password. Hardware-supported methods in particular offer a high level of security and should, if possible, be used in addition to a strong password.

Password Check – Tips for a good password

  • There are no limits to your creativity when choosing a password. It is important that you remember the password well.
    There are different help strategies for this: One person memorizes a sentence and only uses the first letter of each word (or only the second or last). You may then transform certain letters into numbers or special characters. Another person uses a whole sentence as a password or strings together different words connected by special characters. Another option is to randomly select 5-6 words from the dictionary and separate them with a space. This results in a password that is easy to remember, easy to type, and difficult for attackers to break.
  • Basically: the longer, the better. A good password should be at least eight characters long.
    For WLAN such as WPA2 or WPA3, for example, the password should be at least 20 characters long.
    So-called offline attacks are possible here, which also work without a permanent network connection.
  • As a rule, all available characters can be used for a password, for example upper and lower case letters, numbers and special characters (spaces, ?!%+…).
    Some online service providers provide technical specifications for the characters that can be used or should be used. If your system allows umlauts, remember when traveling abroad that they may not be able to be entered on typical keyboards.
  • Names of family members, pets, best friends, favorite stars, dates of birth, and so on are not suitable as passwords. If possible, the full password should not appear in dictionaries.
    It should also not consist of common variations, repetitions or keyboard patterns such as “asdfgh” or “1234abcd”. Some providers compare passwords against a so-called “black list” in which exactly such unsuitable passwords are stored. If you try to use one of them, you will receive a message that the password is not permitted in this form or is not secure.
  • Appending simple numbers to the end of the password, or adding one of the usual special characters $ ! ? # to the beginning or end of an otherwise simple password, is not recommended.
  • Use a password manager to manage your different passwords well, and use a strong password to secure it. This means you only have to remember one good password and can still use very strong passwords that are different everywhere.

Length and complexity: two crucial characteristics

A strong password can be “shorter and complex” or “long and less complex”.
But how long and how complex should it be at a minimum? The following examples provide guidance: A password is secure if, for example

  • it is 20 to 25 characters long and uses two types of characters (for example, a string of words). It is then long and less complex.
  • it is 8 to 12 characters long and uses four types of characters. It is then shorter and more complex.
  • it is 8 characters long, uses three types of characters and is also secured by multi-factor authentication (e.g. a fingerprint, confirmation via app or a PIN). This is generally recommended.
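The three profiles above, combined with the earlier advice on “black lists”, keyboard patterns and appended digits, can be turned into an automated check. The following is an added example, not code from the BSI or from this article; the blocklist and keyboard rows are small constructed samples, and treating the stated lengths as minimums (longer passwords also pass) is an assumption.

```python
import string

# Constructed sample data; a real deployment would load a much larger blocklist.
BLOCKLIST = {"123456", "qwert", "asdfgh", "1234abcd", "password"}
KEYBOARD_ROWS = ("qwertzuiop", "qwertyuiop", "asdfghjkl",
                 "yxcvbnm", "zxcvbnm", "1234567890")

def char_classes(pw):
    """Count the character types present: lower, upper, digit, special."""
    return sum([
        any(c.islower() for c in pw),
        any(c.isupper() for c in pw),
        any(c.isdigit() for c in pw),
        any(not c.isalnum() for c in pw),  # spaces count as special characters
    ])

def is_weak_pattern(pw):
    """True for blocklisted passwords, repeats, keyboard runs, and
    such passwords with digits or $ ! ? # merely added at either end."""
    low = pw.lower()
    core = low.strip(string.digits + "$!?#")  # undo simple decoration
    if low in BLOCKLIST or core in BLOCKLIST:
        return True
    if len(set(low)) <= 2:  # e.g. "aaaaaaaa" or an empty string
        return True
    return len(core) >= 4 and any(core in row for row in KEYBOARD_ROWS)

def assess(pw, mfa=False):
    """Classify a password against the three length/complexity profiles."""
    if is_weak_pattern(pw):
        return "rejected: blocklisted or pattern-based"
    n, k = len(pw), char_classes(pw)
    if n >= 20 and k >= 2:
        return "ok: long and less complex"
    if n >= 8 and k >= 4:
        return "ok: shorter and more complex"
    if n >= 8 and k >= 3 and mfa:
        return "ok: with multi-factor authentication"
    return "too weak: length %d, %d character types" % (n, k)

if __name__ == "__main__":
    # Constructed sample inputs (the first is the pizza example from this page).
    for sample in ("AleiPm4Z+eK!", "qwert123!", "kiste lampe wolke feder brot"):
        print(repr(sample), "->", assess(sample))
```

The check only covers what can be decided from the string itself; whether a password has been reused elsewhere or appears in a full dictionary still needs a larger blocklist.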

You can find tips in a fact sheet from the BSI on secure passwords - in the practical DIN A4 format it fits on any pin board: Click here to download the fact sheet

Source: Federal Office for Information Security (BSI)
