DiFü-logo
Start Home
Please enter a valid email address
Please enter your password
Lost password?

Create an account and save your progress

Please enter a valid email address
Please enter a password

To issue certificates, we also need your name and date of birth

Please enter your name
Please accept our terms and conditions to proceed
Exam Topic exam

D3 | Logins and passwords

This module will teach you everything you need to know about passwords and two-factor authentication.

  • When you log in, you identify yourself as the person who is authorized to access the personal information on an account or profile. This could include business or project files, emails to business partners, or your company’s account with an online shop. This confidential data should not be accessible to everyone.

    Ein Schlüssel.

    Logins and passwords are like keys to a safe, and the stronger your password is, the harder it is to crack the safe. A strong password is the best protection against cyber-criminals, who are unfortunately constantly trying to access your user accounts to misuse them for their own interests.

  • Reihe von Sternchen, die ein verstecktes Passwort symbolisieren.

    12345″ is not a strong password. Criminal hackers can crack simple passwords like this one in just fractions of a second. The following traits are all properties of a strong password:

    Choose different passwords for different accounts. For example, the password for the social network you use privately (e.g., Facebook) should not be the same as the one you use for your professional social network (e.g., LinkedIn). This is important, because if a hacker actually guesses your password, only information from one account will be compromised, instead of all your accounts.

    A password length of at least ten characters is recommended, and more characters will bring even more security.

    A strong password will contain uppercase and lowercase letters, special characters, and numbers.

    Avoid dictionary words, strings of numbers such as your birthday, and common keyboard patterns (such as “qwerty”). Use made up words that can’t be found in any dictionary.

  • Of course it’s hard to remember long, complicated passwords – especially for multiple accounts! Here are a few practical tips on how to keep track of passwords, and what you can do if you forget one:

    Use the mnemonic method

    Choose a sentence that you can memorize well, and enter the first two letters of the words. For example: “Star Wars 1 is better than Star Wars 2 and 3.” This yields: “StWa1isbethStWa2+3

    Add to your password for other accounts

    You can then simply add to your standard password for the next account. On YouTube, for example, you can use “StWa1isbethStWa2+3&YT” as a password.

    Auf einem Teller liegen drei Pizzastücke. Dahinter ist Käse und eine Flasche Rotwein zu sehen. Unter dem Teller steht Icesge3StPimi2SoKä,+We

    Don’t panic if you forget your password. All providers have included a link on the log-in page for this case. As a rule, this is called “Forgot your password?” If you click on it and follow the instructions, you can easily change your password.

    Some browsers offer the option to save your passwords. It’s better not to take advantage of this option, since it offers no protection. We recommend using password managers instead.

  • Many online providers offer two-factor authentication (2FA) to make it more difficult for hackers to access your accounts. As the name suggests, logins with 2FA consist of two components: your password and some other code. While your password remains fixed, an authentication code will be newly generated and sent to you every time you log in. Here is an overview of the possibilities:

    Authentication via SMS

    You will receive an SMS with the authentication code on your smartphone, usually in the form of a numerical code that have to enter. Make sure to keep your work life separate from your private life by not using your work phone to log into private accounts.

    Authentication via phone call

    You will receive a call in which the second authentication code will be told to you. Just write it down and enter it through the login screen. Make sure to separate your work life from your private life by not providing your private mobile phone number to authenticate accounts for work purposes.

    Authentication via authenticator app

    If you use an authenticator app, it automatically reports when you are trying to log in and asks you to confirm by pressing a button. Instead of having to enter a second code, you can just tap “Confirm” on your smartphone. The app must be installed and linked to your account before attempting to log in. Make sure to separate your work and personal life by not authenticating your private accounts with your company cell phone.

    Authentication via facial recognition

    Some smartphones and tablets allow you to log in through facial recognition. In the case of Apple iPhones, this is called “Face ID.” After logging in with your password, the iPhone requires you to hold your face up to the camera, and in a few milliseconds you are able to access your account. Hackers don’t stand a chance against this technology.

    Authentication via fingerprint scanner

    In addition to facial recognition, there are also laptops and mobile phones that feature fingerprint sensors. Simply place your finger on the phone’s sensor to gain access.

    1. Use your smartphone to log into the account that you would like to set up with 2FA.
    2. Go to Settings and look for the categories “Privacy,” “Security,” “Account,” or “Login.” These are usually the names of the menu categories where you will find the option to activate two-factor authentication.
    3. If there are multiple options, click on the SMS option and enter your mobile number. You will then have to send an SMS from your phone to confirm the number is correct.
    4. You’re all done! From now on you will receive a secondary authentication code to enter after providing your normal password.
    1. Go to your phone’s app store and download an authenticator app such as “Google Authenticator,” “LastPass,” “Authenticator,” or “Microsoft Authenticator.” It doesn’t matter which app you choose to download.
    2. Next, log into the account you want to enable 2FA for and enter your account’s settings. Search for the categories “Privacy,” “Security,” “Account,” or “Login,” which is where you will usually find the option to activate two-factor authentication.
    3. Next, select the “App” option and confirm it. The page will then generate a QR code that you can scan with your authenticator app.
    4. You’re all done! Your app is now linked to your account.
Progress Level 1 – Business