When assigning a password, you are often asked to use at least one uppercase letter and a special character like % or /. However, what is not sufficiently checked is that the password is long enough. Although there is a minimum number of characters required, this is often too short, according to the National Institute of Standards and Technology (NIST).

Because a password should be at least 8 characters. And this is really only the absolute minimum! Better are 12 or 16 characters. It would also be desirable to allow the providers spaces in passwords, which would increase the possibilities of complexity, and thus the security again.

A short password with, for example, only 8 characters, even if you spam them with special characters, can be detected in a relatively short time by computers that do nothing but try out passwords. And already the culprits have gotten a hit again to drive Schindluder with your data. If the same password applies to other accounts then the damage can be considerable.

For if you buy at your expense on the Internet, and the goods are delivered to any packing stations you may not notice this at first, or very late. Then it will be difficult if not impossible to find the perpetrators who often sit abroad, while you stay at high cost. Because it was not hacked the portal where your access data were tapped, but you yourself were the victim of a hacker attack, which you have apparently made possible by insufficient security arrangements.

As we said before, with strong passwords, the creativity and convenience of many users are failing to come up with a sensible password. Many then resort to password generators, which are however not particularly recommendable, because here the passwords created at some point are the same, and can easily be spied out.

Another option is to use a password manager for all your passwords. Here then a single master password is sufficient to get to all other data. But the BSI has come to the conclusion that this alternative is risky. Because if only a single password is needed to then get sorted by a variety of passwords with the associated portals that may not be the right solution.

Your passwords should be as individual as possible, and preferably consist of a whole sentence, in which you then exchange certain letters for numbers (for example, an E against a 3, or a B against an 8, etc.). The sentence should also be really individual and not something like “youcannot getinhere”.

It is best to form sentences that have emerged from personal life events that really only you and maybe a handful of people from your personal environment can know, and convert them by exchanging letters for numbers and / or special characters, and uppercase and lowercase letters ,

So take the time to invest in your online security, because the damage caused by inadequate security measures can bring you much more trouble.