The "change-your-password-day" on 1. February is the annual call to update your passwords.
Because the risk of being hacked as a company or private person and becoming the victim of a cyber attack is high. "The question is not if it will happen, but when," emphasize security experts at the Hasso Plattner Institute (HPI).
Theft of digital identities continued to increase last year as well. The HPI Identity Leak Checker now allows comparison with around 13 billion stolen identity data freely available on the Internet.
Checking whether you’ve been a victim of data theft yourself is easy with the free service HPI has been running since 2014. More than 8 million leaked details of bank accounts have already been found in connection with e-mail, for example. HPI educates about these risks, which weak and thus insecure passwords can cause, and publishes the Germans’ "Top 10" passwords every year.
The password should be long and fancy
Computers can crack passwords faster and faster
Most people don’t even realize how fast the computing power of servers and computers has become. In so-called brute force attacks, billions of combinations can be played out within a single second. The hit rate is high.
In addition to the already existing tips for secure passwords, it is recommended to create passwords as long as possible. There is simple mathematics behind it. If you look at the possible combinations, each additional character multiplies the time it takes to crack the password. For password security, it makes a huge difference whether a password has twelve, fourteen or sixteen characters.
Quantum computers will be able to crack passwords at lightning speed
Tips for choosing a password
When choosing a password, the Hasso Plattner Institute therefore recommends:
- Long passwords (> 15 characters)
- Use different classes of characters (upper case, lower case, numbers, special characters)
- Do not reuse the same or similar passwords on different services
- Using password managers
- Activate password change in case of security incidents and for passwords that do not meet the above rules, if possible
The Identity Leak Checker
Whether one has become a victim of data theft can be checked very easily with the Identity Leak Checker, an online security check by the Hasso Plattner Institute (HPI). Since 2014, any Internet user there at https://sec can.hpi.de/ilc free of charge by entering his e-mail address to check whether identity data of him are freely circulating on the Internet and could be misused.
The security researchers enable matching with now more than 12.8 billion stolen identity data available on the Internet. The focus is on leaks where German users are affected. The offer is unique in Germany.
In total, more than 16.5 million users have had the security of their data checked using Identity Leak Checker over the past five years. In more than 4.2 million cases, users had to be informed that their e-mail address was openly accessible on the Internet in combination with other personal data.
Solid passwords are important, but many users don’t put in enough effort