The use of networks and online services has become an integral part of everyday life and personal data is secured with passwords everywhere. Actually, password security should therefore now be a matter of course, because after all, you currently have to create individual accounts with personal data on a large number of Internet offers in order to be able to participate in social, commercial and business life. You have heard it again and again – the passwords used must be up-to-date and secure, preferably with upper and lower case letters, numbers and special characters and in no case shorter than 8 characters!
Many people find the creation of so many well thought-out passwords tiresome. Especially if you then have to try to ensure that they are as uncrackable as possible and are ideally generated randomly. Choosing passwords is made even more difficult by weighing whether security or rememberability is more useful. This often leads to a hasty choice of insecure, obvious passwords, which is why system administrators then have to strive to close potential security gaps. But what is a really ‘secure password’? And how do cybercriminals actually get someone else’s passwords?
What happens if my password is not secure?
A possible but time-consuming and ineffective method is the repeated entry according to the ‘trial and error principle’. This is particularly useful when the password is easy to guess or is already known in whole or in part. Passwords can of course also be made by accident by trying out all possible character combinations, which, however, does not promise much success due to the immense (time) effort and is therefore less likely. It is therefore easier to go through so-called ‘word lists’, which collect possible passwords and are easily accessible on the Internet. Another popular method used by cybercriminals is password spying through social engineering, or grabbing entire password files and hashing stored passwords. Passwords are stored in password files and the password is encrypted using a hash function to form a random sequence of characters from which it can no longer be derived vice versa. Attackers can compare such a password file with millions of possible passwords, which they also encrypt using the hash function. Of course, the simpler the password, the easier it is to discover.
How can I generate a secure password?
There is no absolutely secure way to the perfect password. However, following a few simple tips can make it much harder for hackers to crack your passwords:
Passwords that can be derived in any way from your environment should be avoided in any case, because they are not even difficult to guess through spying and social engineering. This includes, for example, your personal data such as surname or date of birth, but also the name of your pet or family members.
It is also important not to use contiguous words that can be tracked down via a dictionary or search engine, as they are easy to find as a character string that already exists. And even if it seems more complicated – it is important that you use different passwords for all purposes so that thieves don’t create a ‘master key’ for all your encrypted data. If you want to remember your passwords easily, you can instead use simple words connected by different numbers or special characters.
However, the longer the password, the better. A large number of different types of characters such as upper and lower case letters, numbers and special characters additionally reinforce the protection. If you don’t want to keep all your passwords in your head, we recommend writing them down by hand, because an electronic password list can also fall victim to a hacker attack. In this case, however, you should refrain from keeping those notes near your computer so that they cannot fall into the wrong hands at your workplace. The saving of Passwords via a browser also needs careful consideration depending on who has access to your device.
As everyday personal and business life increasingly takes place online, it is becoming increasingly attractive for hackers to spy on password-protected information in order to misuse it for their own purposes. However, if you follow these simple principles, you can make life much more difficult for attackers and better protect your sensitive data.