The tasks of the information security officer (ISB) include:

  • investigate security incidents
  • controlling status of information security
  • creation of security policies and concepts
  • raising awareness of information security, for example through training
  • support and advice in the implementation of security measures



Prof. Dr. Florian Adamsky | University of Applied Science Hof

Prof. Dr. Florian Adamsky

Department of Computer Science
Computer Science

Hochschule Hof
Alfons-Goppel-Platz 1
95028 Hof

Room: G 134
Phone +49 (0) 9281 / 409 4860
Fax: +49 (0) 9281 / 409 55 4860
E-Mail: florian.adamsky@hof-university.LÖ

Moodle Course IT-Security


This Moodle course contains videos from the Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI), the State Office for Information Security (Landesamt für Sicherheit in der Informationstechnik, LSI) and our own videos on the three topics:

  • Secure password
  • Password manager
  • Phishing emails.

There is also the option to take part in voluntary tests and thus checking your knowledge.

Time: approx. 30 min

Link to Moodle course

How to identify phishing e-mails


The term phishing is derived from "fishing". Attackers try to steal confidential data from users using fake websites, e-mails or SMS. For instance, this can be passwords, account or credit card information, which the attackers can then use for their own purposes.
Often, the aim is to trick users into opening special files in the attachement of an e-mail and thus installing malware on the victim's device.

Phishing e-mails are not always easy to spot. Attackers use social engineering techniques to unsettle and lure their victims. They often use freely accessible information and in this way give a trustworthy impression.


The following hints can indicate a phishing e-mail:

Fake e-mail addresses

  • Is the sender's email address correct?
  • Can the sender confirm they sent an e-mail?

Request for confidential data

  • Phishing e-mails often ask to disclose credentials

Grammar and spelling mistakes

  • Check for spelling mistakes in the text.

Links to fake websites

  • Check links in e-mails carefully by first hovering over them with your mouse.


  • Does the e-mail signal urgency or is urgent action required?


  • Never open files attached to a suspicious e-mail.


If you receive phishing e-mails or are unsure whether it is a phishing e-mail, you can forward it to security@hof-university.LÖ at any time.

Further information about phishing is available on the BSI website.


Password Security


The most important aspects for secure passwords:

  • at least 12 characters
  • do not use names, words or personal information
  • combine letters, numbers and special characters
  • don't share with anyone
  • don't write them down
  • do not use passwords more than once
  • use a password manager
  • use a password generator

Year after year, "123456" or "password" ranks very high on the list of most common passwords. Attackers can figure out simple passwords like these with their tools within a few seconds and then have access to the user's account.

Therefore, it is important to use complex passwords and different passwords for various user accounts. By using different, random passwords, you prevent attackers from gaining direct access to all your accounts in the case of publication.

Since it is difficult to remember all passwords, they are often written down and taped to the monitor or stored in an Excel spreadsheet.

However, you should definitely refrain from doing this, as this would allow third parties to gain access to the passwords!

Instead, we recommend using a password manager (e.g. KeepassXC). There you can store all passwords, for example for external websites, and do not have to remember them. In the Moodle course for IT-Security (German language) we have created instructional videos that you can watch to get an overview.

The following password guidelines apply:

The password:

  • must consist of at least 12 characters
  • contains three of the following four categories:
    • Upper case: A-Z
    • Lower case: a-z
    • Numbers: 0-9
    • Special characters: + < > - _ * ! # % = . , ( ) : ; `
  • must not be identical to the last 10 passwords used
  • must not contain any repeating or consecutive characters (e.g. aaaaaa, 1234abcd).
  • must not contain context-sensitive words, such as the name of the service, username, first name, last name and derivatives thereof


If you forgot your password, you can reset it via the self-service-portal. Requirement for this is that you have already set up the necessary security questions. If you have entered your password incorrectly several times and your account is (temporarily) blocked, you can also reset your password via the self-service portal.



For convenience, notifications of new updates are often simply clicked away or postponed until later. But that could make it easy for attackers.

Often updates not only add new functions to software or fix bugs, but also eliminate critical security gaps.
If updates are regularly installed on all devices, there is a much lower risk of malware getting onto them.

Further information and notes about updates can be found on the BSI website .

Other contacts

 Sebastian Pahl | University of Applied Science Hof

Sebastian Pahl


Hochschule Hof
Alfons-Goppel-Platz 1
95028 Hof

Room: G 136
Phone +49 (0) 9281 / 409 6605
Fax: +49 (0) 9281 / 409 55 6605
E-Mail: sebastian.pahl.3@hof-university.LÖ


 Katharina Schiller | University of Applied Science Hof

Katharina Schiller


Hochschule Hof
Alfons-Goppel-Platz 1
95028 Hof

Room: G 136
Phone +49 (0) 9281 / 409 6604
Fax: +49 (0) 9281 / 409 55 6604
E-Mail: katharina.schiller.2@hof-university.LÖ




Campus Hof

95028 Hof

Campus Münchberg

Kulmbacher Str. 76
95213 Münchberg

Campus Kronach

Kulmbacher Straße 11
96317 Kronach

Fon: +49 (0) 9281 / 409 3000

Campus Selb

Wittelsbacher Str.41
95100 Selb
Fon: +49 (0) 9281 / 409 3000