Booting up the computer, checking email, perusing Instagram, booking a trip, playing in a soccer betting game, transferring money – the list of activities for which we are responsible in everyday life Passwords The password that we need has become longer and longer in recent years. The digital keychain is practically as important today as the one we use to lock our homes. After all, it too secures a part of our lives: our data.
What experts never tire of pointing out: Passwords should not be chosen arbitrarily – after all, only a secure key is a good key. But what is a secure password and what is not, there were and still are different opinions about it. And now there are new recommendations on how to deal with passwords from a competent source.
The German Federal Office for Information Security (BSI) had always recommended changing passwords regularly until now. However, the BSI no longer gives this tip: In the current edition of the BSI Basic Protection Compendium, the corresponding text passage has been deleted.
Passwords: IT security expert welcomes new BSI advice
In the chapter on regulating password use, the BSI experts advise changing passwords only in the event that a password might have fallen into the hands of someone else. Even the previously listed requirement there to prescribe fixed rules for length and complexity for one's passwords has disappeared. For years, many security experts have believed that such rules do more harm than good.
Security expert Prof. Markus Durmuth, who researches topics such as password security at Ruhr University in Bochum, welcomed the BSI's change of course: "This is a very important step, but it took the BSI a long time to take it."
Germans' most popular passwords are the most insecure ones
First, the specialist portal our site had reported on the new recommendations of the BSI. "A good password can be used for years without hesitation," it says. "Changing them regularly tends to lead to using weak passwords, for example, following a scheme (secret1, secret2, …) generated."
In recent years, researchers had repeatedly found that the most popular passwords among Germans are very insecure ones. As recently as December 2019, the Hasso Plattner Institute in Potsdam published a list of the most popular passwords, which once again highlighted the problem. According to the study, the five most used passwords by Germans are:
Passwords: How best to protect yourself on the web?
Remembering many complicated passwords is unquestionably difficult. Access data can be used conveniently with programs that manage passwords securely. Whenever possible, you should also make what's called a Two-factor authentication USE. In this case, after the password is entered, an additional security code is required, which is received by the user, for example, via SMS or app.
Stiftung Warentest gave recommendations for secure password managers only at the end of January. Three password managers received the grade "good", six times there was a "satisfactory" and twice the verdict "sufficient", reports the foundation in its magazine "test" (ie 2/2020). Read more about the testers' findings here.