Door number 2

Secure passwords

Secure passwords are an important part of personal IT security. The longer a password is and the more character types (upper and lower case letters, numbers, special characters) a password contains, the more difficult it is to crack. See also the graphic below. The password guideline of the TU Darmstadt currently recommends 9 characters as a secure length for passwords and will soon increase this to 12 characters.

The most important facts in a video

Error: Loading of resource has failed

Go to original web page

How do I create a secure password and why do I need a different one for every online service? This film from the German Federal Office for Information Security (BSI) shows it in two minutes.

How many different 10-character passwords are there that can contain lowercase letters, uppercase letters, and numbers?

(a) exactly 67,600 passwords

(b) about 3.7 quadrillion passwords

(c) about 839 quadrillion passwords

(d) exactly 620 passwords

No idea? We'll give you a little hint: For an 8-character password that may only contain lowercase letters, there are about 208.8 billion possibilities.

How fast can your password be cracked?

The table shows how long your password can resist a brute force attack – that is, persistent trying of all possible combinations. The more characters you use the more possibilities there are to combine these characters. And the more combinations there are, the more time criminals need to crack the password. Therefore, they should set long passwords with different types of characters (upper and lower case letters, numbers, special characters).

The more random the better

Long, randomly generated passwords are the most secure. How to create passwords randomly and how to remember long, randomly generated passwords, you will learn in tomorrow's door – as well as the answer to the guessing game above.

Use secure passwords in daily life

We have listed further useful tips for dealing with passwords here: