Secure password: It is better not to use some letters

Deepak Gupta February 23, 2022
Updated 2022/02/23 at 4:05 PM

In everyday life with computers, smartphones and other devices, a secure password is essential. After all, new dangers have emerged as digitalization has progressed. To protect yourself and your data, you must choose the best possible password. However, clear tendencies are noticeable in how people choose theirs. This could certainly have negative consequences.

Secure password: These letters appear too often

It’s no secret that we tend to be lazy and uncreative when coming up with a secure password. There is no other way to explain why a list of the most popular passwords in Germany can exist at all. Of course, that shouldn’t be the case. But in addition to classics like “123456”, there is another trend, as security expert Tobias Schrödel now explains.

According to him, the most common letter used in German passwords is A. It occurs 10 percent of the time, while in conventional texts it accounts for only 6.5 percent. For comparison: E is the most frequently occurring letter in the German language at 17.4 percent, but makes up only 9.7 percent of passwords. X, Y and Z are also popular options; in fact, they appear up to 50 times more often than in normal texts. In English, by contrast, T is used 50 percent less than in ordinary usage. In Asia, passwords tend to contain a particularly large number of numbers.

Brute force attacks made easier

Schrödel’s results are certainly of great interest for cyber security. It can be assumed that so-called brute force attacks, in which hackers try to crack passwords, user names or encrypted websites, could be made much easier. Only the location of the respective victim needs to be known in order to tailor the attack strategy to known preferences. Trying passwords could then be much faster.

For his investigation, Schrödel used bigDB, a database with a total of 2.5 billion passwords. He first filtered by top-level domain (e.g. .com, .org, .de) and then determined the frequency of the letters and characters. However, since TLDs such as .com, .net or .org are used internationally, the results cannot be entirely precise. In addition, the data in bigDB is at least five years old.
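The two steps described above, grouping by top-level domain and then counting letters, look like this in Python. This is an added example, not Schrödel's own tooling: the email:password record format, the function names and the sample data are assumptions made for illustration, and shares are computed over case-folded letters only.

```python
from collections import Counter, defaultdict

# Constructed sample records in "email:password" form; not real data.
SAMPLE = [
    "anna@example.de:aaxy",
    "max@example.de:banane12",
    "bob@example.com:letmein",
    "line without separator",
    "eve@example.org:pa:ss",
]

# Shares in ordinary German text, as quoted in the article.
GERMAN_TEXT = {"a": 0.065, "e": 0.174}

def parse_record(line):
    """Return (tld, password), or None for a malformed line."""
    email, sep, password = line.strip().partition(":")
    if not sep or "@" not in email or not password:
        return None
    domain = email.rsplit("@", 1)[1].lower()
    if "." not in domain:
        return None
    return domain.rsplit(".", 1)[1], password

def letter_shares_by_tld(lines):
    """Map each TLD to {letter: share of all letters in its passwords}."""
    counts = defaultdict(Counter)
    for line in lines:
        record = parse_record(line)
        if record is None:
            continue
        tld, password = record
        # Assumption: case-folded letters only; digits and symbols are ignored.
        counts[tld].update(ch for ch in password.lower() if ch.isalpha())
    shares = {}
    for tld, counter in counts.items():
        total = sum(counter.values())
        if total:  # skip TLDs whose passwords contain no letters at all
            shares[tld] = {ch: n / total for ch, n in counter.items()}
    return shares

def over_representation(shares, reference):
    """Ratio of password share to text share for each reference letter."""
    return {ch: shares.get(ch, 0.0) / ref for ch, ref in reference.items()}

if __name__ == "__main__":
    de = letter_shares_by_tld(SAMPLE)["de"]
    for ch, ratio in sorted(over_representation(de, GERMAN_TEXT).items()):
        print(f"{ch}: {de.get(ch, 0):.1%} of letters, {ratio:.2f}x text share")
```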

Nevertheless, you have to protect yourself as well as possible. Here you can find out what a password that is as secure as possible should look like.

Source: Tobias Schrödel
