Whether it’s an email account, Dropbox or online banking, you have to use a password when logging in to online services. When it comes to choosing one, many people go the classic route and choose passwords made up of names, birth dates or places. While this makes them easier to remember, employing such methods results in a weak password that can be cracked within seconds. We’ll take a look at how to determine how strong a passwords is and what it takes to create a strong password.

How to choose a strong password

Why are strong passwords so important?

For most online services, a password is the only thing pro­tect­ing your sensitive data. If you rely on easy com­bi­na­tions for con­ve­nience, it’ll be easy for cy­ber­crim­i­nals to crack your password and gain access to your payment details or personal in­for­ma­tion. Even a simple dic­tio­nary attack is often enough to crack many popular passwords. In this type of attack, criminals use a program to sys­tem­at­i­cal­ly test numerous passwords that are based on character strings forming coherent words—ef­fec­tive­ly scanning through a type of dic­tio­nary.

My­De­fend­er
Easy cyber security
  • Regular virus and malware scans
  • Automatic backups and simple file recovery

How secure is my password?

You may be wondering how secure your password is. In the next section, we’ll look at common mistakes you should avoid if you want to make sure your password is secure. The first step though is to create a strong password. A strong password should include at least 8 randomly selected al­phanu­mer­ic and special char­ac­ters. A crucial master key, such as for a password vault, should have a minimum of 12 char­ac­ters.

What are typical mistakes when choosing a password?

To ensure that your password does not fall victim to hackers, make sure you avoid the following password mistakes:

Making your password too easy

“123456”, “abcdefg” or “password” are some of the most popular passwords worldwide and are by far the least secure. Even a simple dic­tio­nary attack can pick out these com­bi­na­tions in seconds. Number sequences can easily be picked out, meaning that birth dates are also not a good choice.

Making your password too short

A short password has one single advantage: it’s easy to remember. But what you save on con­ve­nience, you lose on security. A strong password should be at least eight char­ac­ters long since short passwords can be de­ci­phered in seconds by a brute-force attack (a type of attack where a large amount of character com­bi­na­tions are tried out). You should use numbers, symbols, and uppercase and lowercase letters in your password.

Using the same password for several accounts

Certain websites are sadly quite easy to breach. Although the data stored on them might not be par­tic­u­lar­ly sensitive, using the same password for a com­pro­mised website and other accounts like online banking or Amazon allows cy­ber­crim­i­nals to get their hands on important payment details.

There are helpful tools available to help you check how secure your password actually is. One such tool is How Secure is my Password?.

Using a password generator

Selecting a strong password is chal­leng­ing, even when you sidestep the common pitfalls and opt for a long string of char­ac­ters. The moment you attempt to create a password that is per­son­al­ly mean­ing­ful or simple to memorize, it becomes pre­dictable—par­tic­u­lar­ly to advanced hacking software. That’s why using a password generator can enhance your password security.

You can use an app like the open-source Password Generator App for Android or Password Generator.# for iOS or iPhone, which is based on 256-bit en­cryp­tion mechanism. With just a few clicks, you can generate a secure password free of charge. Password gen­er­a­tors like these can also be found as freeware for PCs. Sites such as the Random Password Generator from Avast create secure passwords in real time that you can tailor based on length and character type.

Using your own password system

To create a secure and adaptable password, generate a prac­ti­cal­ly “un­crack­able” base/master password and then add an extension to it for every different web portal that requires a password. One pos­si­bil­i­ty would be to combine the master password with the name of the service (e.g., PayPal or eBay).

Password strategy example

When using the strategy mentioned above, it would be too risky to set “master password+eBay” as your password. Instead, it’s better to omit the vowels or the second or third letter of the service and replace them in certain places in the master password, for example, always the second, third and last position.

Say your master password is G5w.&$;(9b.B and you want to create a password to use on eBay. You could use the first and last letter of the company, which in eBay’s case would be e and a, and place them at the end and third to last spot of the master password. Using a number to denote the length of the company’s name is also a con­ve­nient tactic. So for eBay the password would be 4G5w.&$;(9bE.Ba and a further example would be PayPal: 6G5w.&$;(9bP.By.

When to use a master password

Even with so­phis­ti­cat­ed systems, there are still some risks. If someone works out the pattern, they could then use it to hack another account. This is why it’s advisable to only use this com­bi­na­tion with the master password on sites that are 100% trust­wor­thy. You should use a different password for sites that are less important and not as secure. Forums and com­mu­ni­ties, which are known to be less secure, offer the option of dis­pos­able passwords. Such passwords can only be used once.

IONOS E-Mail Val­i­da­tion service

Check the au­then­tic­i­ty of an IONOS email, find out straight­away if it is a phishing attempt and report it to remove the phishing content.

  • Validate email
  • Easy to use
  • Remove phishing

What’s a good way to remember a password?

Re­mem­ber­ing a password con­sist­ing of more than 12 char­ac­ters is not easy. A simple trick is to set the com­bi­na­tion as the user password on your PC then set the timer on the screen lock to two minutes. This means that you have to enter the password every time you take a break. It may be annoying at first but, after a while, the password will be etched into your memory.

What are the best tools for saving passwords?

One last golden rule of password security is to never keep your passwords un­en­crypt­ed (in plain text) on your PC, such as in an Excel file. They can easily be found by other users or a Trojan virus. It’s wise to use password managers, such as Password Safe or LastPass to manage sensitive passwords.

What should I do if my password is hacked?

If you suspect or notice an account or website has been hacked, you should act quickly but remain calm. You have two options: You can either try to regain control on your own or get help from the provider. Find out more about what to do in such a situation in our article “What to do if your email is hacked?” and “How to fix a website that has been hacked”.

Be secure. Buy an SSL cer­tifi­cate.
  • Secures data transfers
  • Avoids browser warnings
  • Improves your Google ranking
Go to Main Menu