Logo Increase Your Skills
Contact

Creating strong passwords

Information Security
09.10.2020
Mick Zander Profile Picture
Author
Mick Zander

What would you say if asked whether you think you use strong passwords? No? Then you should immediately look at changing this. Every year, number combinations such as 123456 top the list of Germany's most frequently used passwords.¹ In this blog, we explain why it is essential to use strong passwords and teach you how to easily create them yourself.

For cybercriminals, cracking easy passwords is not a difficult task. With the help of tools that automatically try out familiar character combinations, they can quickly gain unauthorised access to confidential data. This method is called a dictionary attack. A much more complicated but effective approach is known as the brute force method. This method entails the cracking of complex passwords by automatically trying out random combinations of characters. Therefore, it is not a question of whether a password can be cracked, but how long it takes. With sufficient computing power and time, it is possible to crack any password. A cracked password offers cybercriminals countless opportunities to cause damage. As such, it is not uncommon for providers (e.g. social media companies) to block the account after repeated incorrect entries in order to prevent brute force attacks. The following tips will ensure that you have the knowledge to create strong passwords and, in doing so, protect your sensitive data more effectively.

Advice on creating strong passwords

Do not make it easy for cybercriminals to access your sensitive data. You can protect yourself with just a few easy steps. Here, we present you with five practical ways of creating a strong password (including an example) to increase your understanding.

Use a long and complex password

There is a simple principle for passwords: the longer and more complicated, the better! Therefore, ensuring your password is at least 10 characters long is the first step to take. Passwords that contain twice as many characters offer more security. Users often tend to begin their password with an uppercase letter and use a number at the end. However, this common feature makes it easier for cybercriminals to work out your password.  Instead, spread capital letters, numbers and special characters sporadically!

Use all available characters

When creating a password, you should use all available characters, including upper- and lower-case letters, numbers and special characters (!?%...). By including all of these different elements, you are drastically increasing your password security.

Avoid personal connections and whole words

Avoid using the names of family members, dates of birth, any address data, or the names of pets; these are all unsuitable when it comes to setting your password. It is extremely easy for a cybercriminal to access this information and use it to their advantage.

Use a password manager

It is easy to quickly lose track of the many passwords you have for various websites. A password manager helps you to keep track. It stores your various passwords and even suggests strong passwords, and you only need one strong password to secure it.  It is important to look at and compare which types are available on the market. Unfortunately, some providers have been in the headlines because of successful attacks. Open-source providers are recommended, which do not use cloud storage to store passwords. They should be able to be stored locally.

An example of how to create a strong password Think of a simple sentence. For example: "I rode my new bike to work this morning." Now use the first letter of each word, leaving us with "IrMnbtwTm". Then replace certain letters with similar-looking special characters and numbers. The result: "1rMnb7w7m!". You now have a strong password. You can also use lyrics from a memorable song or other phrases that you can remember.

 

Higher security: two-factor authentication

Many more online service providers are making procedures available with which users can identify themselves in addition to entering a password. Two-factor authentication thus offers an additional level of security. Depending on the company, you will receive a code via SMS or an associated app, generated for this one log-in only. Do not overlook this important security feature. Two-factor authentication makes your accounts much more secure; several banks, social media platforms and email providers currently offer this function.

¹The most popular German passwords 2019 in: Hasso Plattner Institute [online] https://www.hpi.de/pressemitteilungen/2019/die-beliebtesten-deutschen-passwoerter-2019.html [08.10.2020].