In early 2020, the Federal Office for Information Security (BSI) moved away from its recommendation to change passwords regularly. In current versions of the BSI Baseline Protection Compendium, corresponding textbook passages have been deleted.
In the chapter restricting the use of passwords, BSI experts only recommend changing the password if it falls into the wrong hands. The liability listed there before the specific rules for length and complexity were proposed also disappeared.
Good passwords can last for years
Security experts believe the previous law will do more harm than good. For example, High Security writes, “A good password can be used for years without hesitation.”
A security expert doing research on issues such as password security at Ruhr-Uni Bochum, Prof. Marcus Dermuth welcomed BSI’s change of heart: “This is a very important step, but it took a long time for BSI to take it.”
Strange but true: These 100 passwords are the most commonly used
What is a good password?
It should be clear: any password that you use for a long time should be secure accordingly. Simple number sequences 123456, 98765 or similar are omitted from the beginning – this also applies to simpler fonts such as abcde or qwertz. Even simple words or names from German or English should be avoided when choosing a password – if the terms can be found in the dictionary, it is easy for criminals to guess.
Passwords with many variations are especially effective. It makes sense to use a combination of uppercase and lowercase letters, numbers, and special characters – especially if sensitive areas such as a bank account need to be protected. It is a good idea to set different passcodes for different accounts. Also: the longer the password, the harder it is for hackers and others to guess. A minimum of 6-8 characters is recommended – more for more sensitive areas.
If you are worried about not remembering such complicated passwords when you need them, it is a good idea to use a password manager. Below this article we have listed a selection of the ones we believe are the best of their kind. If using a password manager is too complicated for you, so-called password cards may be an alternative. That’s what it is about Read here.
Problem solver. Incurable bacon specialist. Falls down a lot. Coffee maven. Communicator.