Passwords are very important in today’s digital world. On the PC, laptop or smartphone: Everywhere we have installed little helpers, some of whom manage sensitive data. E.g. bank details or other personal data. To avoid being the victim of fraud, theft or even identity theft, passwords should be as secure as possible.
Unfortunately, passwords like “123456” are still popular and often in use. The problem is: weak passwords can be guessed or calculated quickly. And if you are still logged in to every online service with the same e-mail address and use the same password everywhere, the chances are extremely high that it will happen:
Unfortunately, many people are not aware of how manifold the consequences of spying, guessing or calculating passwords can be.
If, for example, your e-mail account is hacked, your own e-mail address is usually also stored as a recovery address in shops such as Amazon or Ebay. The attacker can then go shopping with your payment information. Or he sees your personal photos in the cloud. He or she could also appear under your name on social networks such as Facebook or Instagram. Insights into business documents or documents about your health are also often the target of such attacks.
By the way, you can check whether your data is endangered with our software Identitiy Inspector!
We will therefore show you strategies for using secure passwords in the future. How can I choose the most secure password possible? What is the best way to manage passwords? And how can you additionally secure yourself?
How long does it take for an attacker to crack a password?
Many users use passwords based on personal data: their own birthday, names of family members or of pets. If this data is known, it usually happens very quickly. Powerful computers can generate and test around one million passwords per second. A five-digit password lasts about 30 minutes in the best case. If private data is used, it is much faster.
Modern computers need several months for an 8-digit password with upper and lower case letters, digits and special characters. Each additional position increases safety. If your password consists of 15 digits, it will take about 30 years.
How do thieves and hackers steal passwords?
First of all: Hackers are at least as clever as you are. 😊 If a hacker is targeting you directly, he will first ask in your personal environment. However, it usually doesn’t matter to hackers who they can get personal information from. In this case, passwords are requested via spam mails or hackers’ data is simply used. Large (but also smaller) companies are regularly hacked and this data is sold or otherwise published. Well-known websites such as Adobe, Adult Friend Finder, Avast, BitTorrent, Comcast, Creative, Dropbox, Kickstarter, LinkedIn, Snapchat, Sony and many other companies/websites have already been victims of these attacks. And if you have an account there, then these data are in principle freely available.
Most popular passwords
Unbelievable, but true: The most popular passwords are still simple combinations of numbers, so:
- 22222 etc.
The following words are also used:
And then in combination with numbers:
These passwords can’t really be safe – or what do you think?
What is a secure password? What does a secure password look like?
We advise you to use passwords with as many characters as possible. You should use at least 8 characters in any case. Some experts also advise using 15 or more characters. Please keep in mind, however, that you have to enter your password every now and then.
Under no circumstances should you use terms from the dictionary or names. A secure password should contain upper and lower case letters, numbers and special characters. And using the same password for multiple online services should be taboo!
How to create a secure password? Tricks for a secure password:
- Do not use real words or words that look like this. “Password” or “Pa$$$w0rd” are not a good idea. Names and birthdates should also never be used!
- Avoid repetitions, palindromes or keyboard patterns: “qwertz” is also not a good idea and is still used very often!
- Avoid german “Umlauts”! Ä, ö and ü can cause problems especially with foreign services
- Always use upper and lower case letters!
- Your passwords should also contain numbers and special characters such as #, *, % or &. But please not only these four special characters, there are many more!
- You should mix letters, numbers and special characters! For example, not four letters first, then two numbers and finally two special characters.
- It depends on the length: If you want it to be completely secure, e.g. for a WLAN password, use 20 characters.
- How can you easily remember your password? Use sentences as a basis as a mnemonic. E.g. “In summer I go to the outdoor pool” results in an “IsIgttop”. Add numbers and special characters. There are no limits to your creativity!
What else is there to consider when using passwords?
If you don’t always want to come up with new passwords, a password manager is always recommended. For example, our SecuPerts Cyber Shield software includes a good password manager. In addition, it is recommended to use two-factor authentication for important services. For example, your Amazon account can be additionally secured. The service provider will send you a numerical code via SMS or app each time you log in or with each new device you want to use to log in to the provider. You can only log in if you enter this numerical code!
How secure is my password?
Remember: A password is only safe as long as nobody else can get it! If you want a written protection, you should not store the passwords somewhere freely accessible. By the way, it is also a good idea to make access data accessible for relatives or relatives. So that your digital estate is accessible if the worst comes to the worst.
Save passwords or not?
If you use a password manager, the passwords are usually well protected. However, you should consider whether you allow your browser, for example, to save all data. Not all applications or browsers store passwords in such a way that they are at least difficult to access. With browsers, for example, the Windows password is usually sufficient – and all passwords are quickly visible!
Is my password 100% secure?
Let’s say it this way: if you understand our tips and hints, you are close! Unfortunately, the data is also stored at online providers and these can – as already mentioned above – also be quite vulnerable. We will therefore soon be releasing software that will enable you to monitor whether your e-mail address is stored with a hacked service provider. You should then immediately use a new password with these providers!
Be sure to use SSL encryption!
The best password is of course not very good if you enter your password on an unencrypted page and store it there. In any case, you should make sure to use only websites with SSL encryption. You can see this in the address line of your browser. If only http is used as protocol, the connection is unsecure and can be monitored. You should then immediately switch to https. This is displayed differently depending on the browser. For example, Chrome always indicates whether the current page is safe or unsafe.
Conclusion: A good or secure password should….:
- have at least 8 characters and consist of more than one word
- be somewhat complex
- be known only to you
- can be used easily, e.g. using a password manager
- be regularly monitored
- can only be used with SSL encryption
- if possible be secured by two-factor authentication