How to make passwords more secure and less stressful28-01-2022 Author: Jan Tissler
On occasion of Data Privacy Day, we have some good tips for secure passwords. How many new passwords have you created in your lifetime? And how often have you entered one to log in to a service or device? Countless times. It's so commonplace that these questions are impossible to answer.
And yet, in many cases passwords are the key security factor standing between valuable data and an attacker. Making it all the more important to choose them wisely.
What makes passwords insecure and vulnerable
A major disadvantage of the password principle is that they must be stored with the provider – hopefully in a sufficiently encrypted way. However, mistakes do happen and not everyone can afford a security standard as high as ours at DSwiss. And so unsecured or insufficiently protected passwords regularly end up in the wrong hands. The site Identity Leak Checker, for example, checks to see if your email address can be found in lists published by hackers.
But even if the passwords are stored securely, they can still escape with the right amount of extra effort, for example through social engineering or phishing. Neither the best encryption nor a perfectly crafted password will be of any use if the login credentials are voluntarily handed over. The same applies if malware intercepts all keystrokes, including bank account logins.
At the same time, it turns out that many users still fail to use secure passwords despite years of education. "123456" regularly turns up in data leaks. Or, even if a secure password is selected, it tends to be used multiple times for reasons of convenience. The problem: if it comes to light with just one hack, all other credentials with the same password will also be at risk.
7 tips for secure passwords and accounts
- The longer the password, the better. This makes it more difficult for attack methods based on automatic password guessing. Every additional digit is valuable.
- Do not use words that can be found in the dictionary. Hackers go through these automatically at lightning speed. For manual typing, it can be helpful to string any syllables together. This will be easier to type.
- Special characters, numbers and upper and lower case letters are a good idea. This also makes it more difficult for machines to guess the password due to the higher number of possible character combinations.
- Special characters, numbers and upper and lower case letters are a good idea. This also makes it more difficult for machines to guess the password. Ideally, these should not only be at the beginning and end of the password, but also in the middle.
- Use two-factor authentication!
- Give incorrect or complex answers to "security questions" that really only you can know. Of course, you must still be able to remember them. But if your answers are ones that can be easily guessed or found on the net, then security is next to nothing.
- As a substitute email address for the "forgotten password" function, use one that you set up specifically for this purpose, and which is not known anywhere else.
At the heart of password security are rules 1 and 2: Use long passwords and each of them only once. We therefore recommend the use of a password manager which can not only suggest secure passwords, but also save them in a convenient and secure manner. This will stop you from being tempted to use simple passwords or even reuse existing ones. We offer this type of password manager in SecureSafe.