Use a different, strong password for each of your accounts

Requirements AUAS ID password

Choose a different password for each of your accounts. A strong password has at least 12 characters and meets several other requirements. Change passwords annually and don't reuse them.

Hacks often come about as a result of cracked or stolen passwords. Using computers with strong processing power and password cracking dictionaries, criminals can quickly uncover weak passwords.

A strong AUAS ID password meets the following requirements:

  • It should consist of at least 12 characters and use at least 1 number, 1 upper-case letter, 1 lower-case letter and 1 special character. The longer, the better!
  • The password should not be reused for any other website or account.
  • The password should not contain any personal information. That means you should not use names or dates of birth of any family members or pets. Do not create passwords that resemble your email address, AUAS ID or username.
  • Ideally, it should be a phrase of at least 12 characters (using 1 number, 1 upper-case letter, 1 lower-case letter and 1 special character), preferably longer.
    Pick a phrase that’s easy for you to remember, but difficult for others to guess. For example: I*Had*2*Croissants*For*Breakfast.
  • You should change the entire password every year, not just one letter or character!
  • You’ll automatically receive an annual reminder to change your AUAS ID password. You can’t reuse any of the 10 passwords you last used for your AUAS ID.

If your password is not as strong as you thought it was, change it!

Change your AUAS ID password

Why use different passwords for each account?

This way, if a cybercriminal manages to crack one of your passwords, they won’t automatically be able to access more than one of your accounts.

Why use such long passwords with various types of characters?

Using computers with significant processing power and password cracking dictionaries – which list the most commonly used passwords – cybercriminals can uncover weak passwords quickly and easily. These cracking dictionaries also list the most common replacements of letters with special characters, such as using @ or 4 instead of the letter A. This allows cybercriminals to test thousands, if not millions, of passwords on an account in no time at all.

Creating and remembering passwords using a password manager

Generating and remembering all those password phrases can be demanding on your memory. If you use a password manager, you’ll only need to create and remember a single strong password, as this piece of software can generate new strong passwords for you.
Examples of password managers include 1password, bitwarden, dashlane and keepass. Bitwarden can be used for free.

Check whether you’ve been hacked. If the answer is yes, change your password immediately!

Cybercriminals often have access to databases with passwords obtained from hacks. That’s why it’s very important that you change your passwords regularly. Websites such as Check je Hack (Check your Hack) and haveibeenpwned allow you to check whether you’ve been affected by a particular hack or data breach. If you’ve indeed been affected, make sure to change your password immediately and consider using two-factor authentication.

Setting up two-factor authentication

For optimal security, you shouldn’t rely solely on a strong password, but you should also use two-factor authentication, which is essentially adding another lock to the door. The website veiliginternetten.nl has articles (in Dutch) on how to set up two-factor authentication (using SMS or an authentication app) for your social media and other accounts.

Last but not least, never share your passwords with anyone else. Sharing your AUAS ID password with others is strictly prohibited!

Published by  ICT Services CISO 29 November 2023