European Cybersecurity Month: Our passwords are too weak
Share article:
Share article:

European Cybersecurity Month: Our passwords are too weak

© ECSM

Today sees the start of European Cybersecurity Month (ECSM), the eighth of its kind, coordinated by the European Union Agency for Cybersecurity (ENISA) and the European Commission, and supported by member states and more than 300 partners from across European industry.

The theme of this year’s campaign is Think Before U Click, emphasising questions of security in the ever-increasingly digitised world. The first half of the month is devoted to ‘Cyber Scams’ – the widespread fraud by various means which only seems to increase the more warnings are issued.

The latest: scammers who deliberately target people who have already been scammed once, presumably on the principle ‘Fool me once, shame on you; fool me twice, shame on me’.

The best way to battle fraudsters, the campaign suggests, is to recognise one when they show themselves.

The second half of the month is devoted to ‘Digital Skills’ – educational activities designed to improve information security. Those include information security and protection against cyber-bullying and cyber-stalking.

As our daily lives and economies become increasingly dependent on digital solutions, we need to realise that cybersecurity concerns us all,” said Margrethe Vestager, vice president of the European Commission for A Europe Fit for the Digital Age.

It is important to foster a culture of state-of-the-art security across vital sectors of our economy and society.”

Commission vice-president for Promoting our European Way of Life, Margaritis Schinas, said: “European Cybersecurity Month aims at raising our cybersecurity awareness and getting us up to speed with the cyber threats; it reminds us that we can easily step up our own cybersecurity by getting into some good digital habits. Cybersecurity is essential for our European way of life.”

But, as revealed by a study by the Belgian Centre for Cybersecurity (CCB), we have a long way to go. According to the Centre, people’s passwords in general are too weak. In addition, far too many people use the same easy-to-remember password for several or all of their online accounts: mail, social media, subscriptions and so on.

Concretely, 15% of all users have the same password for all of their accounts. If that is somehow broken, the user’s entire online access is compromised, from Instagram to bank accounts.

And breaking them is often child’s play: among the most common passwords are things like qwerty (azerty on a Belgian keyboard), 123456 and, believe it or not, ‘password’. Easy to remember, and just as easy to break.

Passwords are the keys to your virtual home,” said Olivier Bogaert of the Federal Computer Crime Unit. “Those are the keys that open your online safe.”

The experts recommend the use of two protections: two-step verification where available. That adds a layer of security to your accounts, by requiring not only a password, but a verification you are who you say you are by, for instance, sending a single-use code to your phone.

The second protective measure is a password manager – a secure cyber-vault which generates random and unbreakable passwords for each of your accounts. These come in the form of browser apps or stand-alone software.

I only know one password: the password for my password vault,” said Miguel De Bruycker, director of the CCB .

All my passwords are stored in that safe. The password vault also creates strong passwords of more than 20 characters for all my accounts, which I never have to know, let alone remember.”

Alan Hope
The Brussels Times