Sebastian Knoppik
Berlin (dpa) – E-mail accounts, WiFi networks and shops: All require passwords which must be remembered and saved somewhere securely. There are ways to make the process safer and less painful.
Most browsers make it easier by remembering user names and passwords for websites and services.
That’s not a problem, says Ronald Eikenberg of German computer magazine c’t, but users shouldn’t forget to regularly install updates and keep virus protection up to date.
“If one is a bit careless, it can happen that a Trojan is installed and user data is tapped into,” the expert warned. One should be sceptical when log-in details are stored on servers rather than on one’s own hard drive.
“That may be safe, but is not easy to check,” said Linus Neumann of the Chaos Computer Club (CCC). “However, the management of different complex passwords by the browser is still much safer than if you always use the same password.”
Eikenberg recommends the old-fashioned solution of pen and paper: “The easiest way is to write the passwords down. Then no Trojans can access them.”
Of course one must be careful not to lose the list. There are ways to further increase security.
“The combination of user name and password gets more difficult to guess, the less information about the user it contains,” said Stephan Kohzer of Germany’s Federal Office for Information Security (BSI).
That means that ideally, the user name should not be the user’s real-world name.
Strong passwords are essential, especially for the main e-mail account, as almost every Internet service allows password re-setting via e-mail.
“The first important step is therefore to make the e-mail password particularly long and complicated and not to use it anywhere else,” said Neumann.
With so-called single-sign-on services, many Internet companies seek to make the juggling of user data unnecessary. For example, using a Facebook account one can log into an e-mail provider, streaming services and many other services.
But experts warn against this. The problem with single sign-on services is that the password used allows access to linked accounts, raising the risk if the password is lost, said Neumann. He recommends instead password storage solutions which encrypt all log-ins and for which the user only has to remember one master password.
Two-factor authentication offers a relatively high level of security and is offered by major online services like Apple, Google, Facebook and Dropbox. This is where the user must confirm their identity using a second method during log-in, for example via a TAN (Transaction Authentication Number) code sent to their mobile. It’s a method often used for banking services.