Consumers care about privacy

Federal Ministry of Justice and Consumer Protection

Insecure passwords and the lack of security settings in your browser make it easy for third parties to gain access to your sensitive data. You can protect yourself against accidental data loss with a few safety precautions.

Buying tickets, online banking or reserving concert tickets for the evening - we now do many of our daily business quickly and easily over the Internet. Just as we do not allow third parties to look over our shoulder when paying in stores, we should also protect ourselves from unwanted readers and data thieves on the Internet. Regular security updates, a firewall and virus protection help prevent data loss. The protection of your privacy in social networks and secure passwords are also important.


The password should consist of at least eight characters - numbers and special characters as well as upper and lower case letters can be used. Do not choose dates that are easy to guess, such as your name combined with your date or year of birth. Susi85 would be easy to remember as a password, but it is also easy for hackers to decipher. Also from a keyboard sequence like "yxcvb"Or"12345“Is not advised. Professional hackers use programs with which they try out all possible combinations of numbers and letters fully automatically. Password generators on the Internet like gute will help you to find a secure password.

So that you don't forget secure passwords, build donkey bridges and always use the first, second or third letter, for example.
Example: My dog ​​hunts 4 ducks in the pond once a day. From each second letter the password is then: Eua1aä4Nme.

Since long and complicated passwords are difficult to remember, many resort to an avoidably simple solution and simply use one password for all pages. However, this is dangerous: If a data thief has managed to crack your password, he has access to all of your accounts. It is therefore essential to use different passwords. And replace them regularly.

Two-factor authentication

Two-factor authentication ensures additional protection. In addition to your password, you have to identify yourself using a different method. This can be done, for example, by entering a code that is sent to your smartphone as an SMS or a TAN generator. Many Internet providers now offer two-factor authentication.

You can check whether your identity data has already been spied on on the website of the Hasso Plattner Institute at the University of Potsdam. Simply enter your email address in the free field and click on the "Check email address!" Button. You will receive the desired answer within a short time. If your data is already freely accessible on the Internet, you should change your passwords immediately.

Manage emails securely

Our e-mail account is our electronic mailbox. While we used to send letters by post, today we do a large part of our communication by email. But just as we would not allow third parties to look into our letters without being asked, we should also protect our e-mail inbox from spies.

Given the large number of mail providers, it is not easy to choose the provider who, in addition to useful functions such as a spam mailbox for unwanted advertising, also guarantees us sufficient security. Some providers search your activities specifically for marketing purposes. When choosing the right provider, you should make sure that:

  1. as little data as possible is collected about you and
  2. an encryption technique is available for sending and receiving.

In the case of particularly sensitive data, this should be so-called end-to-end encryption. If, on the other hand, less important information is involved, such as the email to your best friend with the new baking recipe, so-called transport route encryption TLS (Transport Layer Security) is sufficient. Many providers already include such a function. Some providers such as GMX or Telekom use "E-Mail made in Germany". The providers guarantee each other that they will transmit the emails in encrypted form.
You can find out more about other dangers and security loopholes for your e-mail program at
When it comes to the security of your e-mail account, you should always keep in mind that many Internet providers use your e-mail address as a log-in. If data thieves have gained access to your mailbox, they can reset and change passwords - and then dial in to the provider under your name. You should therefore always use a secure password for your email account. The better the password, the more difficult it is for third parties to guess.

Safe in social networks

Maintain friendships on Facebook, share pictures on Instagram and look for a job with your professional profile on Xing or LinkedIn. We often move around in social networks - and in doing so we also reveal very personal details about ourselves. The pictures of the last birthday or vacation are uploaded quickly and can be given a "like" symbol by friends. However, the uncomplicated sharing has its disadvantages: In addition to our confidants, strangers also have access to our personal information. Companies take advantage of this to send you advertising, for example. Sometimes the pictures end up on pages that you would rather not see them on.

Once the images are online, it's hard to get them out of there. You should therefore always think carefully about what information you put into which network - and whether you can possibly do without it.
As social network providers keep changing their privacy settings, you should check them regularly. Please also read the general terms and conditions and the data protection regulations of the internet providers.

The BSI has put together further information for you on how to use social networks safely.

And of course, think about the security settings for your computer such as the firewall and the regular security updates.

Set up your computer securely

If you want to be safe on the Internet, you should surf with an Internet browser that regularly offers security updates. The Federal Office for Information Security (BSI) has put together an overview of the common browsers and security measures.
Keep that in mind. That the regular updates for more security are not just available for your browser. For your operating system and installed programs such as Flash Player, Adobe Reader or virus protection programs, it is best to activate the "automatic updates" function in the respective settings of the program.

You have probably heard the term firewall before. Wondering what a firewall is doing in your computer? Every query on the Internet opens the door to your computer for malware. The firewall should protect against unwanted access from the network. Like a bouncer, she controls everything that comes out of the network. The program has a list of approved addresses at hand. If the address that wants to access your network is not on the guest list, the firewall will block the sender. You can activate a firewall with the standard settings in your operating system.

Sensitive processes on the Internet, such as online banking, should always be encrypted. An SSL / TLS protocol (Secure Socket Layer / Transport Layer Security) ensures that only the accessed website and your browser communicate with each other - unwanted readers are excluded from the conversation. The technology is now supported by all common browsers. You can tell whether a secure connection exists by the fact that at the beginning of the address line after the “http” there is an “s” for secure, the English word for secure.
What happens with an https address is as follows: The browser checks whether the provider of the requested page can present a valid certificate. An independent certification authority issues one after it has checked the page and verified its authenticity. If the site lacks such a certificate, a warning will appear on your screen. You should then take no further action and exit the page. In addition, a lock symbol at the beginning of the address line indicates security. You can view further information by clicking on the symbol.


Have you ever been shown flights to the USA or hotel deals in Hamburg that you were looking for recently? This is made possible by so-called cookies. If your browser sends a request to a website, it sends a response - and sends cookies at the same time. The cookies can then store information about what you are looking for and what actions you have taken on the page. The web provider can then call up this information and receives information about your surfing behavior. This enables him to create detailed profiles that he uses for marketing purposes.

You should avoid traces on the internet as far as possible and therefore check your cookie settings in your browser. Delete cookies every time you close your browser, but at least at regular intervals. This also prevents others who use your computer from surfing the net under your profile on Internet pages to which you are still logged in.

You can manage cookies via the settings in your browser.

If you do not want to forego all of the data saved in your browser, there are a number of cookie settings that, for example, allow exceptions for certain pages.

Further information