How do I create secure passwords?

A recommended method for generating a secure password is the password generator in Password Depot. Here you select the maximum allowable number of characters and all permitted types of characters to achieve the highest possible security when generating passwords.

Password Depot offers the great advantage: You don't even have to remember the complex passwords generated with the password generator, as they are safely stored in an encrypted password vault and can be retrieved at any time. The password databases cannot be lost, as Password Depot automatically creates backup copies of your databases which can be stored locally, on external hard drives, servers or in the cloud.

Weak passwords as security risk

Which passwords are particularly popular in this country and are often used? The current top list of the most used passwords in Germany, published annually by the Hasso-Plattner-Institute (HPI), shows that many users generally use insecure passwords. Simple numerical combinations and insecure passwords such as "123456" or "password" dominate, which can be cracked in a flash and therefore are easily accessible for data theft.

Many internet users feel overwhelmed by the need to use a new password for every service and account. This leads to the widespread reuse of passwords for different services, which allows hackers to access multiple accounts at once.

Is my password secure?

Weak passwords are an invitation to identity theft. Through Brute Force Attacks, dictionary-like character combinations including appended numbers are tried for hacking passwords in seconds. Password Depot provides good protection against such dictionary attacks and warns when using insecure passwords that appear in hacker dictionaries.

In Password Depot, you can easily test the respective password security: For each individual password, an exact analysis of the quality is carried out. Intelligent algorithms warn against too weak passwords.

Generate secure passwords with Password Depot

Therefore, especially in companies, a professional password manager like Password Depot should be used to ensure that passwords meet certain quality requirements. The password generator in Password Depot creates secure passwords and stores them thanks to the AES-256 algorithm with an encryption considered to be uncrackable so far.

During login - for instance into your email account, bank accounts, or other online forms - the password data is automatically filled in, without being visible to unauthorized individuals. And if you want to see the passwords in plain text, you can simply look them up in the password vault accessible only to you.

How often should passwords be changed?

With a secure password manager, the more sensitive the data stored and the shorter the passwords, the more frequently you should change your passwords. The rough guideline is: passwords with less than eight characters should be changed weekly, with eight to ten characters monthly, and with more than twelve characters every six months.

Password Depot can remind you, if desired, about renewing certain especially important passwords. Simply fill in the "Valid until" field for this. Here, you can set an individual validity period for each entry.

Tips for creating secure passwords

If you ever want to create a secure password "by hand" instead of using our password generator, the following tips will help you:

  • Many Characters: Use as many characters as possible for your password. Use at least eight to ten characters. Each additional character increases password security.

  • Different Characters: Do not repeat characters or character sequences, regardless of the type of character (letters, numbers, punctuation, symbols). Avoid "ababab", "aaaaa", etc.

  • Different Character Types: Use all allowed types of characters such as upper and lower case letters, numbers, punctuation, and special characters. If you do not, your password should be longer. Avoid passwords consisting only of letters or numbers.

  • No Character Sequences: Please refrain from patterns and sequences regarding letters, numbers, and keyboard entries such as "12345", "abcde", or "qwertz".

  • No Replacement of Letters by Similar Looking Characters: Replacing letters with similar numbers or special characters does not fool a good hacker. Therefore, replacing the letter "o" with the number "0", "i" with "1" or "a" with "@" only helps to a limited extent. So, do not replace an "i" with a "1", but rather with a special character like "$". Avoid passwords like "P@ssw0rt" or "M1crosoft".

  • No personal data, names, or numbers: Do not use names of relatives, acquaintances, or nicknames. Also, avoid personal numbers, such as the phone number, birthdays, or car registration numbers.

  • No personal preferences: Do not choose your favorite dishes, sports, places, movies as your password, like "PizzaSalami", "BayernMunich", or "LakeConstance". Personal preferences are as easy to guess as private names and numbers.

  • No dictionary entries: Since hacking programs systematically try out entries, no word from a dictionary should be used, regardless of its length. Thus, "steamshipshippingcompany" is not a good password.

  • Variety: Use a different password for each account. Never use the same or similar passwords for multiple accounts.

Tips for your master password in Password Depot:

When using Password Depot, you only need to remember a single, secure master password. Our recommendation for this is to use personal phrases as the basis for your master passwords. They create a particularly secure password by using the initials from an easily memorable sentence.

Common phrases should be modified according to a pattern known only to you. Therefore, avoid using proverbs or general phrases as your password. For example, the sentence "My father explains our nine planets to me every Sunday" and the corresponding password MvemjSunP formed from the initials of the words are not suitable.

Instead, it is better to use an individual sentence as the basis. For example, "I use secure passwords in Password Depot and have been doing so for 10 years" and the corresponding password "IvsKiPDudss10J". To make this password even more secure, replace the letter "s" with a special character like "#". This way, you get the password "Iv#KiPDud##10J".

Another method is the combination of numbers and words: "K2e9n1n0w2o0r0t1" is composed of "Kennwort" (password) and "29.10.2001" (date). The date should not be a well-known birthday. Here too, you can increase security by replacing a number with a special character, e.g., replacing "1" with "^", resulting in "K2e9n^n0w2o0r0t^".

Summary:

  • Change passwords in case of security incidents and weak passwords.

  • A strong password should utilize the maximum allowed character count for each account. Use a password generator for this!

  • Good passwords should include all allowed characters, such as numbers, punctuation, and special characters. Also, mix upper and lower case letters.

  • If a password can be found in the dictionary or in any other reference book, it is not a secure password, regardless of its length.

  • Do not use names of family members or pets. Also, avoid using phone numbers, license plate numbers, or other information that can be easily associated with you.

  • Never use simple keyboard patterns like "asdf" or "jklö".

  • Avoid reusing similar or identical passwords for different services.

  • Use a password manager like Password Depot. This way, you only need to remember a single master password!

  • Enable two-factor authentication if possible.