The 1. February is change-your-password day. Changing your passwords regularly has been the recommendation for a long time to be really safe on the internet. Experts from the German Federal Office for Information Security have long since moved away from this approach. Accordingly, a password could be used for years if it meets the right criteria. In the video you will learn how to create such passwords.
For links on this page, the merchant may pay. a commission, z.B. for with or green underlining marked. More info.
The German Federal Office for Information Security (BSI) backed away from its recommendation to change passwords regularly back in early 2020. In the current editions of the BSI-Grundschutz-Kompendium, the relevant text passages have been deleted accordingly.
The BSI experts advise in the chapter about the regulation of the password use to change the password only in the case that a password could have fallen into strange hands. Also the obligation to prescribe fixed rules for length and complexity, which was mentioned there so far, has disappeared.
Downloads: LastPass browser extensions
Good passwords can be used for years
Photo: Andrea Warnecke/dpa-tmn
Security experts are of the opinion that the formerly common rule does more harm than good. "A good password can be used for years without hesitation", writes Heise Security. "Changing them regularly tends to lead to using weak passwords, for example, using a scheme (secret1, secret2, . ) generates."
Security expert Prof. Markus Durmuth, who researches password security at the Ruhr University in Bochum, welcomed the BSI’s change of course: "This is a very important step, but it took the BSI a long time to take it."
What makes a good password?
It should also be clear: A password that is to be used over a long period of time must also be correspondingly secure. Simple number sequences like 123456, 98765 or similar are out of the question – the same goes for simple letter sequences like abcde or qwertz. Simple words or names from German or English should also be avoided as far as possible when choosing a password – if the terms can be found in the dictionary, they are also easier for criminals to guess.
Passwords that are characterized by a lot of variation are therefore particularly effective. It is advisable to click on a combination of large and small- and lowercase letters, numbers and special characters – especially if you want to protect sensitive areas like your bank account. It is a good idea to set up different passcodes for different accounts. And: the longer the password, the more difficult it is for hackers and co., guess it. At least 6-8 characters are recommended – more for more sensitive areas.
If you’re worried that you won’t remember such complex passwords when you need them, using a password manager is recommended. A selection of the in our opinion best of their guild we have listed below this article for you. If the use of a password manager is too complicated for you, the so-called password cards could be an alternative for you. What it is about, you can read here.