Is my password still secure? (2024)

The Leak Checker emerged from the research project EIDI ("Effective Information after Digital Identity Theft"), funded by the German Federal Ministry of Education and Research, and is operated by the start-up project "Identity Guard". The people behind it are three computer scientists from the University of Bonn - Timo Malderle, Pascua Theus and Prof. Michael Meier. They are receiving funding from the Startup-Transfer-NRW funding program to further develop the research results so that online services and companies can be offered ready-made products to protect against identity theft. For example, online stores can be protected from fraudsters who buy with stolen identity data.

The Uni-Bonn Leak-Checker uses a newly developed procedure that detects identity data leaks, evaluates them automatically and passes them on as a warning in accordance with data protection regulations. Especially the data protection and the information content are improved compared to other leak checkers: For example, with other providers you can enter any, even foreign, mail addresses and get the information about stolen account data displayed directly. This means that anyone can find out whose data has been leaked and which services this person is logged into. To prevent this from happening, the Leak Checker at the University of Bonn communicates directly with those affected by sending the result by e-mail to the checked e-mail address. "However, the user not only receives a reference to the provider with whom he or she has an account (for example, Twitter or Myspace), but is also shown fragments of his or her own leaked password," explains Timo Malderle, a scientist at the Institute for Computer Science at the University of Bonn and co-founder of Identity Guard. In this way, the user can remember the password in full, where he or she has used it, and then change it directly if it is still up to date.

Data is pseudonymized and encrypted

But it's not just the way in which the user is notified that creates pitfalls for the leak check. The procedure used by the scientists to analyze the data records must also comply with data protection requirements and master the difficulties of evaluation: In Bonn, the data is already pseudonymized and encrypted in a special procedure when it is read in. During analysis, the relevant characteristics, such as the password, the e-mail address, the user name or the date of birth, must be recognized and distinguished from one another. In the leaked data, however, both these identity features and the characters to separate them in a data row are not uniform. The Bonn researchers developed software for automated analysis to deal with this problem. "Personally, we don't even get to see which user makes a request to the leak checker," Malderle says in response. Everything from entering the mail address, pseudonymization, comparison with the leaked data record and the response to the user is done automatically.

The project at the University of Bonn uses only publicly available identity data leaks from the Internet or the so-called darknet, i.e. no leaks purchased by criminals. So far, the new software has been able to analyze around 25 billion data records, i.e. rows with matching identity characteristics - automatically and in compliance with data protection regulations. The team from the University of Bonn will also present these results at the renowned BSI Security Congress, where politicians and IT security experts will meet virtually in Bonn on February 2 and 3.

What can you do to protect yourself against Internet theft of personal data?

In Malderle's view, the most important measure is to protect one's e-mail account. After all, by resetting the password with other providers, it is possible to crack almost all other accounts via the e-mail address. When it comes to protection, "The longer and more complex the password, the better a user account is protected." A password should have at least 12 characters. However, 16 or more would be optimal. In addition, a so-called two-factor protection offers a significantly higher level of protection, for example, in addition to the password, the additional login with a one-time password or an SMS.

Moreover, it is much more secure to use a different password for each account. If the password is stolen from one service, then the other services where the same password is used are also immediately unprotected. So it is better to think twice if you really use the same password for different accounts. A password manager, which is also offered via the browser, can also help here in order not to lose track. "But you should never store your passwords digitally without encryption, i.e. on your computer or cell phone," says Malderle.

Further information on the Leak Checker of the University of Bonn: https://leakchecker.uni-bonn.de/

Information on the Identity Guard project: https://itsec.cs.uni-bonn.de/identity-guard/

Is my password still secure? (2024)
Top Articles
(ENG) Kobold Press 5a Ed. - Book of Ebon Tides - Flip eBook Pages 101-150
All Obituaries | Allen Funeral Home | Coosawhatchie (Ridgeland) SC funeral home and cremation
Great Clips Mount Airy Nc
Craigslist Pets Longview Tx
4-Hour Private ATV Riding Experience in Adirondacks 2024 on Cool Destinations
Practical Magic 123Movies
craigslist: south coast jobs, apartments, for sale, services, community, and events
Produzione mondiale di vino
Bed Bath And Body Works Hiring
State Of Illinois Comptroller Salary Database
Lesson 2 Homework 4.1
Ave Bradley, Global SVP of design and creative director at Kimpton Hotels & Restaurants | Hospitality Interiors
Hartland Liquidation Oconomowoc
Craigslist Apartments In Philly
Directions To 401 East Chestnut Street Louisville Kentucky
Simplify: r^4+r^3-7r^2-r+6=0 Tiger Algebra Solver
Tvtv.us Duluth Mn
NHS England » Winter and H2 priorities
Publix Super Market At Rainbow Square Shopping Center Dunnellon Photos
FDA Approves Arcutis’ ZORYVE® (roflumilast) Topical Foam, 0.3% for the Treatment of Seborrheic Dermatitis in Individuals Aged 9 Years and Older - Arcutis Biotherapeutics
Walmart Car Department Phone Number
Redfin Skagit County
Bn9 Weather Radar
UCLA Study Abroad | International Education Office
Craigslist Sf Garage Sales
Learn4Good Job Posting
Soiza Grass
Poster & 1600 Autocollants créatifs | Activité facile et ludique | Poppik Stickers
Free Robux Without Downloading Apps
Reading Craigslist Pa
Blasphemous Painting Puzzle
Convenient Care Palmer Ma
Easy Pigs in a Blanket Recipe - Emmandi's Kitchen
Vocabulary Workshop Level B Unit 13 Choosing The Right Word
The Conners Season 5 Wiki
SF bay area cars & trucks "chevrolet 50" - craigslist
Sand Castle Parents Guide
ESA Science & Technology - The remarkable Red Rectangle: A stairway to heaven? [heic0408]
Winta Zesu Net Worth
Rage Of Harrogath Bugged
Perc H965I With Rear Load Bracket
The Nikki Catsouras death - HERE the incredible photos | Horror Galore
Amy Zais Obituary
Sinai Sdn 2023
3367164101
The Largest Banks - ​​How to Transfer Money With Only Card Number and CVV (2024)
Walmart Front Door Wreaths
Sams La Habra Gas Price
Glowforge Forum
Round Yellow Adderall
Escape From Tarkov Supply Plans Therapist Quest Guide
What Responsibilities Are Listed In Duties 2 3 And 4
Latest Posts
Article information

Author: Foster Heidenreich CPA

Last Updated:

Views: 5857

Rating: 4.6 / 5 (76 voted)

Reviews: 91% of readers found this page helpful

Author information

Name: Foster Heidenreich CPA

Birthday: 1995-01-14

Address: 55021 Usha Garden, North Larisa, DE 19209

Phone: +6812240846623

Job: Corporate Healthcare Strategist

Hobby: Singing, Listening to music, Rafting, LARPing, Gardening, Quilting, Rappelling

Introduction: My name is Foster Heidenreich CPA, I am a delightful, quaint, glorious, quaint, faithful, enchanting, fine person who loves writing and wants to share my knowledge and understanding with you.