Secure passwords

In this section we wish to make you aware of the skilful selection of personal passwords. In this respect many users act in a manner that it far to naive and use passwords that are easily guessed, so that it is made very easy for potential attackers to access the personal data of their victims. With the correct strategies for creating personal passwords, personal risk is minimised. We show you how.


Without doubt, it can be very tiresome ensuring that all the personal passwords that arise on a day-to-day basis, are as "secure" as possible and also to memorise the appropriate password for every particular use. One factor, which many users are not aware of is the multitude of possible severe consequences which threaten, if passwords are spied on or guessed. Certainly you would not want anybody to be able to read your private or business emails. A much more serious aspect in this connection is the associated loss of confidential information, which is actually meant for your eyes only. Advanced information, which an attacker can obtain by looking through your private documents, can open the floodgates to abuse. Think of confidential commercial documents or additional passwords to other services which have been sent to you by email.


Ensuring that someone really is who he says he is, - so-called authentication - is a great challenge in the Internet world. The use of passwords in this area has been standard practice for a long time. All of which is of little use if "weak", i.e. too easily guessed, passwords are used. Many actual, flesh and blood, attackers have already made use of this knowledge, as well as the malware that has been developed by them, in that they use a list of passwords until access is finally obtained (so-called "Brute force" attack).


Many users use passwords which are based on personal information and thus are easier to remember. Attackers are aware of this. Often they guess for example short numerical passwords, in which the birth year or day and month of the victim are tried. Other common mnemonics such as names of pets or partners are likewise not difficult for attackers to guess.


Combinations of upper and lowercase letters with numbers and special characters are much safer. For example, arrange a sequence of characters from the sentence "Today, the 10th July, I will create a secure password with at least 25 characters" comprising the first character of each word and the numbers in sequence.


An attacker would find it hard to guess this combination. However, with the original sentence as a mnemonic, for you, the originator, the password is relatively easy to remember.


The selected password should be known only to you and should not be divulged to friends or relatives, nor should it be written down.


Some applications permit the saving of passwords for convenience, however this should be avoided where possible, as it cannot always be guaranteed that a password is saved in secure encrypted form. Some programs save passwords unencrypted in clear text on the system, so that it is easy for attackers to read these.