Many internet users simply hope that it won’t hit them. But what if it is? What if the password for Ebay was suddenly stolen, which may also be the key to PayPal, various online shops and your Facebook and email accounts? Then there is a risk that third parties will log in and place orders on the Internet with incorrect data – but the bills will go to you. Strangers can also sign contracts, send messages, change profiles and much more with your logins.
How do thieves get passwords?
There are two main reasons why others can get hold of your passwords:
Millions of usernames and passwords end up in the hands of criminals due to data leaks at large online companies. The Hasso Plattner Institute (HPI) at the University of Potsdam has long assumed that billions of user accounts are affected. The stolen passwords and personal information of the owners circulate in long lists, often on the so-called dark web, and can theoretically be found by anyone on the web.
Anyone affected by this should urgently change their passwords. You can have the HPI check online whether your e-mail address has been affected .
Aside from such data leaks, a poorly chosen password is still the most exploited security hole on the Internet . Because hackers can find out quickly with the help of certain programs. These programs test different letter and number combinations, for example from dictionaries, in connection with number combinations in a matter of seconds.
In order to be safe online, it is therefore particularly important:
- If possible, use a separate password for each service . If there is a security gap in one of the portals, through which access data such as passwords and user names have been lost, criminals cannot log into all your other accounts with the stolen data.
- Choose strong passwords that are not easy to guess.
Also Read: Cyber Attacks Are Increasing
6 rules for good passwords
- Basically, the longer the password, the more secure it is. A password should be at least 8 characters long.
- It should contain upper and lower case letters, numbers and special characters (e.g. § & ? * ! ?) and should not be found in a dictionary or related to you and your family. So don’t use names, dates of birth, phone numbers or anything like that.
- It should not represent a mere sequence of numbers (12345…), alphabetic sequence of letters (abcdef…) or a series of adjacent keys on the keyboard (qwerty…).
- The more sensitive an access is (e.g. in online banking), the more care you should take when choosing a strong password. If the provider does not provide for a character limit for the password, the following applies: the longer, the better! In such cases, it is better to use 10 than 8 characters.
- Do not choose one password for all portals, but create your own password for each service used or each of your online accounts.
- Change a password if it was sent to you by a provider and you have logged in there for the first time. Other reasons to change the code would be that your online service provider requests you to do so, you become aware of a major data leak, or your device has been infected with malware.
Keep password lists secret
If at all, write down the password in a safe place – not on a piece of paper on the PC, not in your wallet or collected in your calendar. The same applies to computers and smartphones: Do not create unprotected files with passwords that strangers can easily open. If you want to save passwords on your PC or smartphone, you should use suitable password managers and secure access to them with a strong master password. Do not send passwords via email, text message or any other similar means.
Be careful about saving passwords in your software, e.g. in the email program, the browser, on the smartphone etc. If the programs save your data unencrypted and/or the device itself is not well protected, then others can use your PC or smartphone access to your user accounts.