You’re prompted to enter a password today virtually every time you create an online account as a private individual – whether with banks, web stores, mailing services, music and TV streaming providers, forums, or social networks. And oh, please make sure it’s secure! To guarantee maximum confidentiality, each newly created account should have a password that is not only as secure as possible but also different from all of the others. But beware! Anyone who hangs out regularly in the World Wide Web and has personal data stored in the digital depths will tell you that one-hundred-percent security is a myth. You can – and should – try to make the security layers around sensitive personal information as impenetrable as possible, to get as close as you can to absolute protection. There are several approaches you can take here.
Simple rule of thumb for passwords
Plant security is a highly complex issue in the industry, especially in the OT (operational technology) sector, and staff with adequate training and profound specialist knowledge are a must. Data availability, integrity and confidentiality are far more important there than they are in the private sphere, of course, yet you can – and should – always take a few basic precautions to improve your security status. For instance, you can make your passwords more secure relatively easily by sticking to a simple rule of thumb: they should be a combination of upper and lower-case letters, numbers and special characters, and they should be a minimum of eight characters long.
“Your data will protected very effectively”
“If you create a secure password using a mnemonic, your data will be protected very effectively,” explained Florian Glatzner, an adviser to the Digital and Media Affairs Team at the Federation of German Consumer Organizations (VZBV), in a recent interview with Süddeutsche Zeitung. It’s a fact that personally memorable mnemonics, where you take just the first letter of each word and add at least one number or special character to it, are extremely difficult to crack. For example, the sentence “My dog is called Bonzo and he was born on January 28 in Chicago”, produces the following password: MdicBahwboJ28@C.
Alternatively, you can use one of the many password generators developed specifically for this purpose.
So many passwords to remember – a nigh on impossible task
As you can see, it isn’t all that complicated creating passwords that are sufficiently robust; however, finding a safe place to store all of this sensitive information is a slightly different matter. Particularly if you’re a regular visitor to umpteen assorted platforms in the WWW, the number of passwords you’re expected to remember soon reaches double figures. And even with mnemonics or acronyms to help you, memorizing them all is nigh on impossible.
As a private individual, you need to think hard about the safest place to store your vast collection of personal passwords – and the best way to go about storing them.
Fortunately for you, there are various options available here…
Write them down on paper
In principle, it’s a good idea to use, and make a note of, secure passwords that are difficult to remember. The German Federal Office for Information Security (BSI) actually confirmed this to an NTV reporter. It’s easy to see why. After all, hackers and other cybercriminals are highly unlikely to break into your private home in search of a written list of passwords to steal. No-one would argue with the official BSI recommendation: “Write your passwords down on pieces of paper and keep them in a safe place separate from your computer.”
That may be an unbeatably secure method, but “storing” your passwords in this way is not without complications in everyday life. For instance, if you need a password urgently and spontaneously, you won’t necessarily have it at your fingertips. And if ever your list becomes illegible or you lose it for whatever reason, you’ve got a big problem.
Many passwords, one master
Entering your passwords in an electronic document can provide a remedy of sorts here. Creating a document on your computer and saving it either offline as an encrypted file or on a storage medium that isn’t connected to the Internet is a more up-to-date version – it’s digital, at least! You can find quite a choice of encryption software in the market, some of it free. You simply have to memorize one particularly strong “master password” to gain access to your entire list of personal passwords.
If you also want to be able to access your password list while on the move, you can obviously save that list on a storage medium with a connection to the Internet as well, for example using a simple notepad app on your smartphone or a cloud solution. You should still be on your guard nevertheless: unwanted or unauthorized access cannot be completely ruled out, even with this method. That is why you should always take care to encrypt your data before you store it.
Password managers – a good alternative for all personal passwords
Password managers represent the most convenient way to manage PINs and passwords, and they’re available as both online and offline software solutions.
Tests dedicated to password managers generally end with a recommendation to use an offline version.
Why’s that?
There’s a simple answer: with online password managers, part of the responsibility for protection is inevitably taken ‘out of your hands’ by a third-party server, so that a certain amount of transparency is lost. In other words, you must (be able to) trust the third-party provider. And that provider, too, is not one-hundred-percent immune to cyber attacks or unwanted, unauthorized access. Like the electronic documents I mentioned earlier, you can also distribute an offline password manager via the cloud and encrypt it again before uploading it to the cloud.
A fingerprint scanner also helps
Password managers have another advantage: not only do they encrypt your data prior to storing it but in most cases you can also create new passwords using a random generator. Once again, all you have to memorize or store is one (preferably ultra-strong) master password in order to access all of the others. These programs are even offered as smartphone apps. Some apps can moreover be unlocked using the fingerprint scanner on your mobile device, which apart from being more user friendly is simultaneously more secure. If the password manager is linked to a cloud server, even losing your smartphone won’t mean your data is irrecoverably lost. And if you wish, you can synchronize your passwords with any other (selected) devices.
Two-factor authentication provides an extra layer of security
I’ve one last tip to finish off with: no matter where you ultimately decide to store your access data, you should always choose two-factor authentication if that’s an option because it provides your account with an extra layer of security. For example, when you log in initially, a code might be sent to your smartphone as additional authentication, without which you’ll be unable to complete the login procedure. As Glatzner emphasized in the newspaper interview, “One-hundred-percent security just doesn’t exist. In spite of that, I’d highly recommend using a password manager.” And that takes us back to where we started. Like the tips outlined above for creating and storing passwords, this advice only applies to everyday use and not to industrial OT (operational technology).
5G is on its way – all you need to know about tomorrow’s cellular network
