News articles

Isthisasecurepassword?!1?

Maybe...?

(published on 08.02.2021 by Marianne Rudigier)

Protecting our data with passwords has become as natural as locking the door after leaving the apartment. But just as there are apartment doors that are better curtains that can be opened by blowing on them, there are also passwords that do not offer sufficient protection against hackers. The top three most common passwords in Austria are [1]:

  1. 123456
  2. 12345
  3. 123456789

Caught? If so, change your passwords immediately! You can find out how to change your TU passwords here: www.it.tuwien.ac.at/services/zutritt-login-und-identity/accounts-und-login/tuaccount/faq-tuaccount, opens an external URL in a new window

However, even passwords like 135Jonny or Darling456 do not provide sufficient protection.

But how do you get a secure password and how do you remember it easily?

Basically:

  • The longer a password is, the more secure it is.
  • The more different characters it contains, i.e. upper and lower case letters, special characters and numbers, the better it is.
  • It should not contain words that are in a dictionary (no matter what language).

It is recommended to use so-called password sets. Example: Iwould much rather sit in the office than work in the home office! The first letters of each word make a good password. Iwmrsitotwitho!

With 14 characters, this password meets the current recommended minimum length of 12 characters. With a length of 12 characters, the calculation of the password using the bruteforce method [2] takes about 80 years and is thus considered secure.

Is one good password enough for all applications?

No! Make sure that you use a separate password for each application. To do this, you can extend or adapt the phrase. Example: I would much rather be in the office than in the home office, because I don't drink 9 liters of coffee a day there! Iwmrsitotwitho,bIdd9locadt! A perfectly acceptable password.

However, as we use more and more applications in everyday life that we have to protect with a password, it becomes increasingly difficult to remember several good passwords. A remedy for this is the use of a password manager. At TU Wien it is possible to use the password manager 1password. Details can be found under the following link: oase.it.tuwien.ac.at/20276609.asHTML, opens an external URL in a new window, opens an external URL in a new window.

How you can check if your passwords are secure or if you have already been a victim of a hacking attack, you will learn in the next article.

And no, Isthisasecurepassword?!1? is not a secure password, because it contains words that can be found in a dictionary and it was published here. However, it would be more secure than 123456.

[1] see: futurezone.at/digital-life/das-sind-die-haeufigsten-passwoerter-oesterreichs/400394285, opens an external URL in a new window, opens an external URL in a new window (last accessed Jan. 12, 2021).

[2] more about this in one of the next posts.