Do you know what a strong password looks like? Do you know what two-factor authentication means? Test your knowledge!

#1. A password is still one of the most important credentials to secure your online account. Is it more important for your security that your password is long with many characters, or is it more important that your password is complex with many different characters?

If you answered a): 

Yes, but only a long and complex password is really safe.

If you answered b): 

No. Mathematically, the length is more important than the complexity, but only a long and complex password is really safe. A password should not be shorter than 12 characters and you should not use the same password for various accounts.

#2. Why is it important to use a password management system?

If you answered b): 

No. A password management system does not warn a user, but stores passwords. Users can access the password box with a master password, and do not have to remember all their passwords, but only one.

If you answered c): 

No. Although some password management systems might automatically paste in the password of a platform, the latter cannot access in plain text to your password.

#3. What is the core benefit of a two-factor authentication (2FA)?

If you answered a): 

No. Although 2FA blocks most of the attacks, very powerful adversaries may find a way to circumvent it. For example, they already know the password and spies on a smartphone on which a code is created as the second credential. While this is a very sophisticated attack, it is possible.

If you answered c): 

No. If you enable a 2FA on your account, the platform (social network, email provider) is probably still able to access it as well without letting you know it.

#4. You add to your log-in process a so-called “security question.” For example, you have to answer the question “Where was your mother born?” after you typed in your password. Is this a two-factor authentication (2FA)?

No, two steps is not always considered a secure two-factor authentication, as it has to be two different kinds of log-in factors. For example, a knowledge-based authentication (entering a password that you know) combined with a possession-based authentication (entering a temporary code generated on your phone, which you have to possess at that moment) is a 2FA.

#5. Is it dangerous to click on a link of a sender you do not know in a message you do not expect, and if yes, why?

If you answered a): 

Not every link is dangerous indeed. However, phishing is still one of the most common threats for journalists online – and it mostly comes with a non-trustworthy link. You should be very careful clicking on something you are not absolutely sure about.

If you answered b): 

No, this is at least very, very unlikely. The click itself will probably not empty your account – but a spyware can be downloaded, with which criminals steal your bank information and make transactions.

Finish

Results