LINUXMAKER, OpenSource, Tutorials

Secure logins and passwords to protect online accounts

The first line of defense on the Internet is a secure login. In addition to strong passwords, the current recommendation is to protect online accounts with a second factor.

The Internet today is basically a collection of many databases linked to web portals. Regardless of the purpose of the database, whether streaming services, online shopping, social media or remote access to the company workplace, you need a login.
The login itself is a combination of username and password. The user name can take different forms: e-mail address, customer number, random name, etc. There are now technical means to add another factor to the login, so that the user must also be in possession of another device.
At the same time, people in Germany now have more than 10 online accounts, with the side effect that they use the same password everywhere and also make it as simple as possible.

Basic rules for secure online access and accounts

There are basic rules for setting up your own online accounts securely. You should generally consider the following for a secure login:

  • Use a separate password for each of your important online accounts:
    Each personal account must be protected with its own and, above all, strong password. Password managers like KeePass2 can be a very useful aid for password management.

  • If it is offered, use two-factor authentication:
    Many service providers today offer a second authentication factor in addition to the password. This can be, among other things, an SMS code sent to a mobile phone or a special USB stick with a key. This double access (2FA for short) is more secure, as it also requires direct access to the device registered for authentication.

  • Your login data must generally be kept secret:
    If you write down passwords, keep the note in a secret place, never on your computer screen or under the keyboard. Alternatively, there are also Calc or Excel files that are stored encrypted on external data carriers (USB stick, hard drive). Furthermore, share access to your logins only via protected channels, never in an unencrypted email.

  • The access rights to your online account must be checked:
    You can usually enable automatic notification of unusual logins in your account, so that you are informed about unwanted login attempts and can act faster.

  • Take current cases of password theft and data leaks seriously:
    Since access data repeatedly falls into the wrong hands, it is very important to change your password in good time. Websites like Heise-Security and bsi-für-bürger keep you up to date and at the same time offer recommendations for action.

Create strong passwords

In everyday life, a strong password for your accounts remains the first line of defense against attackers from the Internet. A secure password does not automatically have to be difficult to remember. A popular method is the passphrase method (Mantra). Make up a sentence that is easy to remember. Then take the first letter of each word, together with the numbers and special characters, and combine them to form a new word.

For example:
I am going to soccer practice this afternoon at 4:30 p.m.!
the secure password:
Iag2Sp4:30pm!

Leetspeak is another popular method:
Leetspeak is a simple way to alter a word so that it can be used as a secure password. To do this, letters are replaced by special characters and numbers. For example, an E can become a 3, or an S becomes the special character §.

For example:
Password security
the secure password:
Pa§sw0rd§3curity

If you use many different logins in your private or professional life, you can also use a password manager like KeePass2 to help increase the security of your accounts. Password managers store the login data encrypted, like a digital key box, and are only accessible with a master password. In addition, they usually have a function to generate strong and secure passwords.

However, it is generally important to know that nowadays a password is only really safe from 10 characters upward (digits, upper- and lower-case letters and special characters), and it becomes really strong from 16 characters. When using a password manager, it does not matter how complex the stored passwords are or whether they have more than 16 characters, as you generally only need a single password to unlock the password manager.

Our recommendations for a strong password:

  • Use long passwords:
    Strong passwords consist of around 10-20 characters.

  • Use complicated strings:
    Avoid words that appear in the dictionary. Instead, use a unique combination of lowercase and uppercase letters, numbers and special characters.

  • Rely on meaningful instead of regular password changes:
    Changing passwords is particularly useful in the event of unusual account activities, changes to access rights or when data leaks become known.

  • Use the password card:
    The password card helps you to create secure passwords of any length using a coordinate system made up of permitted characters.
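
The password card from the last recommendation, combined with the length rules above, as an added example that is not part of the original tutorial. The card layout (columns A-Z, numbered rows), the character set, the function names and the reading of the rules as "all four character classes required" are assumptions.

```python
import secrets
import string

# Permitted characters (an assumption; restrict to what your services accept).
ALPHABET = string.ascii_letters + string.digits + "!#$%&*+-=?@"
COLS = string.ascii_uppercase  # column labels A..Z; rows are numbered from 1


def make_card(rows=10, cols=26, rng=None):
    """Build the card as a list of row strings drawn from the OS CSPRNG."""
    rng = rng or secrets.SystemRandom()
    return ["".join(rng.choice(ALPHABET) for _ in range(cols)) for _ in range(rows)]


def read_password(card, start, length, direction="right"):
    """Read `length` characters beginning at a coordinate such as "C4"."""
    rows, cols = len(card), len(card[0])
    col, row = COLS.index(start[0].upper()), int(start[1:]) - 1
    if not (0 <= row < rows and col < cols):
        raise ValueError(f"coordinate {start!r} is not on the card")
    out = []
    for i in range(length):
        if direction == "right":  # at the right edge, continue on the next row
            r, c = divmod(row * cols + col + i, cols)
        else:  # "down": at the bottom edge, continue in the next column
            c, r = divmod(col * rows + row + i, rows)
        out.append(card[r % rows][c % cols])
    return "".join(out)


def rate(password):
    """Rate by the rules above: 10+ characters safe, 16+ strong, all four classes."""
    classes = [str.islower, str.isupper, str.isdigit, lambda ch: not ch.isalnum()]
    if len(password) < 10 or not all(any(f(ch) for ch in password) for f in classes):
        return "weak"
    return "strong" if len(password) >= 16 else "safe"


if __name__ == "__main__":
    card = make_card()
    print("    " + " ".join(COLS[: len(card[0])]))
    for n, line in enumerate(card, start=1):
        print(f"{n:>3} " + " ".join(line))
    pw = read_password(card, "C4", 16)
    print("C4, 16 right:", pw, "->", rate(pw))
```

If a read from the card comes back rated "weak" because a character class is missing, pick a different start coordinate or a longer length.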

Checklists - safe digital work

Since the beginning of the corona pandemic, many companies have also been organizing their work via home office regulations. The tips from IT-LINUXMAKER in a practical checklist format show what needs to be considered.
