“Change Your Password Day”
This is what a secure password should look like
Better safe than sorry – especially when it comes to passwords.
© Nicoleta Ionescu/Shutterstock.com
February 1st is “Change Your Password Day”. In an interview, an expert explains how Internet security works today.
“It is important that each service and each account has its own strong password.” What should actually be part of the basics of cyber security is still a sentence that security experts repeat like a mantra. In an interview with the news agency spot on news, Christian Funk, head of the German-speaking research and analysis team at the IT security company Kaspersky, reveals what is important when choosing a password and the reasons for external password management.
The advantage of different passwords is obvious: “This is the only way to protect other accounts in an emergency, should a password actually be compromised,” explains Funk and says what is important when choosing a secure password: “A strong, secure password exists At least 16 characters and a combination of uppercase and lowercase letters, numbers and special characters.”
Strengthen better than change
Funk is critical of the fact that on “Change Your Password Day” on February 1st people are asked to change their password because it increases security: “As things stand today, changing access data regularly has a counterproductive effect on the security of online accounts. This means that passwords tend to be made weaker rather than stronger.” The Russian software company therefore proposes changing the focus of the anniversary: ”That’s why we at Kaspersky are not advocating a ‘change your password day’, but a ‘strengthen your password day’.
Because of its convenience, many use the password management implemented in their browser. This often also offers the option of generating secure passwords. However, the information is then stored on the computer – is there a risk? “Modern implementations of password management in browsers have become better and more secure,” says Funk, but qualifies, “nevertheless, as a fixed part of the browser, they offer more attack surfaces for web-based attacks and, in some cases, weaknesses in the secure storage of the Passwords, such as encryption.”
In the worst case, users “lose” their faces
If you want or need to be completely on the safe side, you can use additional software to manage your passwords. According to the expert, their advantage, in addition to the secure encryption of the password, is “that they also offer their services outside of the browser, for example when logging on to game launcher software such as Steam, Uplay or other portals with their own software.”
Funk warns to be particularly careful with biometric data: “The face and the fingerprint are unique, but the sensor technology and the code for verification can be outwitted in some cases. In the case of fingerprints, these can also be easily copied by a person and activated used by devices.” In contrast to a normal password, the loss of biometric data is more far-reaching, explains Funk: “The big problem with this is that if a password falls into the wrong hands, the user can easily change it. If this happens to biometric information, then it is for everyone Times burned for security-related authentication methods.”
IT security means more than passwords
Criminal activities on the Internet make it necessary for users to be vigilant. “Unfortunately, users still think that they and their data are of no interest to cybercriminals,” comments Funk, warning: “That often makes them easy victims.” Even secure passwords alone do not protect against fraudulent intentions, the advice of the security expert: “Users should always be vigilant, use their own wits and check where emails come from and from which sources they download files.”