Quiz - Passwords

The following quiz contains questions that you can use to test what you have learned for yourself.

Instructions for the quiz (click here)
--- primary_color: '#1C90F3' title_color: black shuffle_questions: false shuffle_answers: true --- ## What is a password compared to? > Passwords are used to control access to sensitive and sensitive data. They are more comparable to the PIN of your bank card. 1. [x] A password has the function of a front door key. It is used to control access to data and systems. >**Right answer** 2. [ ] Password comes from "pass". It is a personal password that is encrypted in the passport. >Unfortunately not correct. Passwords are used to control access to sensitive data that requires protection. 3. [ ] A password can be compared to a bank card: it allows access to the bank account. > Unfortunately wrong. Passwords are more comparable to the PIN of your bank card. Only those who know the PIN can withdraw money. Like the PIN, passwords should be kept secret and not written down anywhere. ## What is the structure of a secure password? > Letters alone or meaningful combinations of letters and dates of birth can be easily guessed. Therefore, numbers etc. should also be used. 1. [x] In principle, a password should be at least eight, if possible 12 characters long, contain letters and numbers as well as upper and lower case, not be in the dictionary and not contain names, birth dates or car license plates. >**Right answer** 2. [ ] A password should only consist of letters. >Unfortunately wrong! Passwords should be at least eight characters long and contain letters and numbers as well as upper and lower case letters. They should not be in the dictionary and should not be names, birth dates or car license plates. 3. [ ] Passwords should be composed of personal information such as date of birth, pet's name, or similar. >Unfortunately, no. Passwords should be at least eight characters long and contain letters and numbers as well as upper and lower case letters. They should not be in the dictionary and should not be names, birthdates, or license plates. ## What is important when using passwords? > Passwords must be secret and difficult to guess. Therefore, they should not be found in any dictionary. They must not be written down or written down anywhere. 1. [x] Passwords must be secret. Therefore, they must not be written down anywhere and never given out. >**Right answer** 2. [ ] Passwords should be chosen from a thick dictionary. >Passwords must be secret and difficult to guess. Therefore they should not be in any dictionary. 3. [ ] After changing a password, it must always be written down and kept in a safe place. >This is wrong. Passwords must be secret and difficult to guess. They must not be written down or kept anywhere. ## Which example is the most difficult to guess? > Passwords that consist of only letters are too easy to guess. They should also have at least eight characters. 1. [x] GHalt!123ung >**Right answer** 2. [ ] salary >Unfortunately wrong. No capital letters, numbers or special characters were used. 3. [ ] salarypayment >This is too uncertain. Neither numbers nor special characters were used. 4. [ ] gH2! >The password is too short with only four characters. ## What to do if a password might be hacked? >You must make sure that nobody can misuse the password. 1. [x] Change the old password immediately. >**Right answer** 2. [ ] Immediately inform the data protection officer(s). >No. Rather, you must ensure that no one can misuse the password that has become known by changing it immediately. 3. [ ] Inform the suspicious person that only you are allowed to use your password. >This is wrong. You must rather make sure that nobody can misuse the password that has become known by changing it immediately. 4. [ ] Switch off the computer immediately and unplug the power cord. >Unfortunately, this is wrong. You must ensure that no one can misuse the password that has become known. You must change your password immediately. ## What constitutes a possible "social engineering" attack? > You must be alert when persons unknown to you ask for access data or other confidential information. 1. [x] A nice phone call from an IT department employee you don't know, asking her to give her your access data. >**Right answer** 2. [ ] Inquiry from a colleague about a chain letter received by e-mail. >No. Such a call does not constitute social engineering, as no internal information has been requested. Refer the person to the [contact persons](/en/200-ansprechpersonen/. 3. [ ] An information from your department management that you have received a virus. >Unfortunately not correct. Such a call is order and does not constitute social engineering, since no internal information has been requested. 4. [ ] A message about a lost USB stick. >Unfortunately incorrect. This message does not constitute social engineering because no internal information has been requested. You should forward the person to their [contacts](/en/200-ansprechpersonen/.