3 min Reading Time<\/p>\n
On “Change Your Password Day” on February 1, 2025, the Bitkom industry association published figures on how Germans handle their passwords. The results are sobering.<\/strong><\/p>\n Behavioral research suggests that people can remember things more easily if they act them out or dance them out. With numbers, letters, and special characters for passwords, one would have to exert oneself quite a bit for that.<\/p>\n Many prefer their beloved sticky notes or memorable combinations of letters and numbers like “password” or “123456,” the name or birthday of a child or other family members. If at least one number and a special character are required, they append these at the end or insert them in the middle.<\/p>\n The figures presented by Bitkom on “Change Your Password Day” on February 1, 2025, show that many people are still just as reckless in choosing their passwords and thereby open the door to cybercriminals. And not just in the private sphere, but even worse, in the business environment as well.<\/p>\n Around a quarter (23 percent) of the 1,021 internet users aged 16 and above surveyed in Germany on behalf of Bitkom admitted to deliberately choosing simple passwords to remember them more easily. A third (33 percent) of those surveyed confessed to using the same password for different services.<\/p>\n “Change Your Password Day on February 1 is a good opportunity to get an overview of your own passwords now and say goodbye to simple or reused ones and replace them,” emphasizes Bitkom security expert Felix Kuhlenkamp.<\/p>\n He further states: “But those who choose good passwords and combine them with two-factor authentication wherever possible or use passkeys right away don’t need an annual reminder day to change their passwords. That’s only necessary if there are indications of data leaks.”<\/p>\n Avoid simple passwords<\/strong> made from easily guessable personal terms and numbers like the name or birthday of a child or partner. Better is a combination of different words and syllables, preferably with uppercase and lowercase letters, numbers, and special characters – the longer, the more secure.<\/p>\n Do not reuse passwords<\/strong>, but use a unique one for each online service. This should apply especially to central online services like those of email providers and for other services where account details are stored. Combining the same password with different numbers and special characters is also not advisable.<\/p>\n Do not use sticky notes or simple text files<\/strong> to write down passwords because they are easily found and visible. It is better to use password managers, which are also available as apps for smartphones. Then you only need to remember the master password or can open the respective password with a fingerprint or iris scan.<\/p>\n Two-factor or even multi-factor authentication<\/strong> is particularly advisable under the motto “two is better than one” when it comes to accessing bank accounts or corporate data. Because even the strongest passwords can be cracked. Some services offer a combination of password and fingerprint via the smartphone, providing double security.<\/p>\n Passkeys are considered a particularly secure alternative to passwords<\/strong>, where identification and release occur purely via fingerprint, facial recognition, or a generated PIN similar to a TAN generator for online banking. Instead of a more or less easily memorable password, two very long, cryptic keys are issued during registration. One remains as a “private key” on the device and never goes outside, so it cannot be “intercepted.” The other part, the “public key,” goes to the provider and is stored there. Together with the biometric or PIN-generated identification, this makes passkeys particularly secure.<\/p>\n Deliberately simple passwords:<\/strong> 23 percent of respondents<\/p>\n Password reuse:<\/strong> 33 percent use the same password multiple times<\/p>\n Immediate updaters:<\/strong> Only 30 percent install updates immediately<\/p>\n Sample size:<\/strong> 1,021 internet users aged 16 and above (Bitkom, February 2025)<\/p>\n Safest alternative:<\/strong> Passkeys with biometric identification<\/p>\n Fact:<\/strong> According to a Bitkom study, 29 percent of Germans use the same password for multiple online services.<\/p>\n Fact:<\/strong> The Verizon DBIR 2024 shows that 81 percent of all hacking-related data breaches are due to weak or stolen passwords.<\/p>\n Simple passwords like “123456” or birthdates can be cracked by brute-force tools in seconds. Cybercriminals use automated tools that test millions of combinations per second. The shorter and more predictable a password, the faster it is compromised.<\/p>\n A secure password combines uppercase and lowercase letters, numbers, and special characters with a minimum length of 12 characters. Ideally, it consists of several unrelated words or syllables. Crucial: Use a unique password for each service.<\/p>\n Passkeys replace passwords with a cryptographic key pair. The private key remains on the device and is never transmitted. Identification occurs via fingerprint, facial recognition, or PIN. Since no password exists that can be stolen, passkeys are immune to phishing.<\/p>\n Yes. Password managers generate and store secure, unique passwords for each service. The user only needs to remember one master password. Good managers also offer warnings about data breaches, automatic filling, and synchronization across devices.<\/p>\n 2FA supplements the password with a second factor – such as a code via SMS, authenticator app, or biometric verification. Even if a password is stolen, attackers cannot access the account without the second factor. Especially indispensable for banking and corporate data.<\/p>\n What Germans spend on IT security: 5.10 \u20ac – no more for IT security (Security Today)<\/p>\n Cloud identity management and access security: cloudmagazin.com<\/a><\/p>\n Digital security as a business factor: mybusinessfuture.com<\/a><\/p>\n cloudmagazin<\/a> | MyBusinessFuture<\/a> | Digital Chiefs<\/a><\/p>\n Header Image Source: Unsplash \/ Towfiqu Barbhuiya<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"3 min Reading Time On “Change Your Password Day” on February 1, 2025, the Bitkom industry association published figures on how Germans handle their passwords. The results are sobering. TL;DR 23 percent of Germans deliberately choose simple passwords to remember them more easily. 33 percent use the same password for different services. Passkeys as an […]","protected":false},"author":55,"featured_media":3378,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_yoast_wpseo_focuskw":"simple passwords","_yoast_wpseo_title":"","_yoast_wpseo_metadesc":"One in four uses weak passwords\u2014discover why strong passwords matter and how to protect your data. Learn more and secure your accounts today!","_yoast_wpseo_meta-robots-noindex":"","_yoast_wpseo_meta-robots-nofollow":"","_yoast_wpseo_meta-robots-adv":"","_yoast_wpseo_canonical":"","_yoast_wpseo_opengraph-title":"","_yoast_wpseo_opengraph-description":"","_yoast_wpseo_opengraph-image":"","_yoast_wpseo_opengraph-image-id":"","_yoast_wpseo_twitter-title":"","_yoast_wpseo_twitter-description":"","_yoast_wpseo_twitter-image":"","_yoast_wpseo_twitter-image-id":"","footnotes":""},"categories":[251],"tags":[],"class_list":["post-7205","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"wpml_language":"en","wpml_translation_of":3374,"_links":{"self":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts\/7205","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/users\/55"}],"replies":[{"embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/comments?post=7205"}],"version-history":[{"count":3,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts\/7205\/revisions"}],"predecessor-version":[{"id":9999,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts\/7205\/revisions\/9999"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/media\/3378"}],"wp:attachment":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/media?parent=7205"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/categories?post=7205"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/tags?post=7205"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}TL;DR<\/h2>\n
\n
“123456” or “Password” a No-Go<\/h2>\n
5 Tips for More Secure Online Access:<\/h2>\n
Key Facts at a Glance<\/h2>\n
Frequently Asked Questions<\/h2>\n
Why are simple passwords so dangerous?<\/h3>\n
What makes a secure password?<\/h3>\n
What are passkeys and why are they considered more secure?<\/h3>\n
Is a password manager worth it?<\/h3>\n
What is two-factor authentication (2FA)?<\/h3>\n
Further Reading in the Network<\/h2>\n
Related Articles<\/h2>\n
\n<\/ul>\n
More from the MBF Media Network<\/h2>\n