Secure password: These ways lead to the goal

The National Center for Cybersecurity (NCSC) recommends securing all access points with strong passwords. Data leaks occur time and again, especially on online platforms. However, the strongest password alone is of no use. For example, you should remember to lock the screen when you are actively working on a device.

The basic idea of a secure password is: For security reasons, passwords should preferably always consist of upper and lower case numbers and letters. According to "G-Data", if one were to use a powerful computer capable of testing a million passwords per second, it would take 29 years to calculate an eight-digit password from upper case letters, lower case letters, numbers and characters in the longest case.

There are various strategies for a secure password besides 2-factor authentication. A dilemma: Every website and every online service requires passwords. Of course, you can also use password managers, but a simple password management can do a lot.

Go for catchy tunes

Think of a phrase and take a song lyric or a quote from a movie. Take the first letters of the first five words and insert a special character with each letter. This game can be repeated with different online services using colors for different services, for example.

If your favorite song is called "Kiosk" - with the refrain "Bini Gottfriedstutz e Kiosk" - and you associate a blue color with Facebook, the password phrase for Facebook could be: B#G#e#KBlau. But maybe there is a password that should be very unique and based on a completely different phrase from other services.

This is especially important for email addresses, for example: Because, whoever can access your e-mail account once, not only gains access to your mails, but possibly also to your frequently used websites with the associated password phrases. In a so-called bruteforce attack, attackers try to obtain a password by guessing it. When a password is guessed, it is repeatedly tested on different platforms.

Another way to remember a password can be a sentence, for example, "I go to bed at 10 p.m. every night." This then becomes IgjAu22UiB!.

Replace letters using the alphabet

A simple encryption algorithm was probably already known to the Roman generals. In order to transmit secret military messages securely, individual letters in the alphabet were shifted by one letter each for the purpose of encryption. Cat then becomes Lbuaf, for example.

The method is efficient, but should be enriched with special characters and numbers. Thus, it is better to remember a string like Lbuaf#1, but do not write down the password anywhere and do not change the appended number for multiple online services.

Disable password storage in browser

It's convenient to save passwords in the browser all the time, but there are risks involved. After all, no system is one hundred percent secure. How to disable password storage in your browsers:

Firefox

• Open Firefox
• Click on the far right of the application menu on Settings. The icon consists of three horizontal lines in the navigation bar of the browser.
• Click on the menu item on the left Privacy and security
• Make sure that there is no check mark in either box under "Credentials and Passwords".

Chrome

• Open Chrome
• Click Chrome's three-dot menu icon on the far right.
• Click Settings.
• Click on the menu item on the left Privacy and security.
• Click Passwords and flip the switch for "Offer to save passwords".

No-Go: Do not use names of family members or your cat

At best, this technique will make you remember a password better, but beware: such information can sometimes be spied from social networks or people search engines. Using your partner's name or your pet cat everywhere is safer than using phrases like 123456, but not a better tactic.

Oliver Hirschi, lecturer and head of "eBanking - but secure!" at the HSLU, knows a simple trick for creating strong, easy-to-remember passwords, and brings it in a YouTube video also to the point: It is important to have a strong password that is at least twelve characters long and consists of upper and lower case letters and at least one special character.

In addition, care should be taken not to use the same password everywhere. If strong passwords are used, the chance of being hacked is relatively smaller than if easy-to-guess passwords are used. He also points to sentence memorization as a way to come up with a password. Ideally, it should be a sentence that is particularly easy to remember. Ideally, you should also take the punctuation marks and special characters from it.

Conclusion

Always remember to use strong passwords - not just as a poor excuse. Kaspersky advises the following tips, for example:

• The length of the password is very central to using strong passwords.
• The uniqueness of the password is also very important. Therefore, always use a unique password for each web service!
• If you want, make your passwords personal to make them easier to remember, but still make sure to follow the basic rule of a secure combination of upper and lower case numbers and characters!

This technical article appeared in the printed edition SicherheitsForum 5-2021.

You want to read the articles of this issue? Then close right now here a subscription.