To path indicator Subpages of “Newsdetail“ To navigation To quick access To footer with other services
To content
Logo: ITMC - IT & Medien Centrum
Studierende sitzt am Arbeitsplatz und schaut auf den Laptop. © Aliona Kardash​/​TU Dortmund
Better passwords for the TU

Better passwords for the TU

Green megaphone © Karolin Kriesch​/​TU Dortmund
Stolen passwords are used for attacks worldwide, including at TU Dortmund University. When you change your password, the system checks whether it is already in known databases with stolen passwords. If this is the case, you will receive a warning and should choose a new password.

Stolen passwords are used for attacks worldwide, including at TU Dortmund University. When you change your password, the system checks whether it is already in known databases with stolen passwords. 
If this is the case, you will receive a warning and should choose a new password. 

Important: Your password will not be sent to external servers! 

An encrypted code (a so-called hash) is first generated from your new password. Only the first part of this hash is sent to the external service "Have I Been Pwned". The service responds with a list of hashes that match this part. The complete hash and the final match remain exclusively on the TU Dortmund University servers. Thanks to the K-anonymity principle, it is possible to check whether your password is already known without the password itself or the complete hash ever leaving the TU systems. The sic (Security Information Center at the ITMC) has tested the procedure used and rated it as secure. 

More information: 
https://en.wikipedia.org/wiki/Haveibeenpwned 
https://en.wikipedia.org/wiki/K-anonymity 

You can also try out the function without changing your password: Simply enter it on the password change page https://service.tu-dortmund.de/group/intra/uniaccount-passwort in the new password field without clicking on "Set new password".