_{1. Challenge}

Password management as a weak link: “Reuse is killing”

Joanknecht realized that two things needed to be structurally better: managing passwords and controlling access. In a modern organization with hybrid workplaces and dozens of SaaS tools, this poses risks, for example when someone leaves employment or when action has to be taken quickly in the event of an incident.

Lucas Vousten, CISO and partner: “Reusing passwords is killing. Once you get hacked somewhere, you're open everywhere. In addition, we want to be able to revoke access with one click when you leave employment. Without central control, that cannot be guaranteed.”

Lucas also saw the same blind spot among their customers. During various audits, among other things, it became clear how often organizations actually do not have a good overview of their own application landscape. “The biggest danger we face is that people simply don't know what they have. Sight is step one. You can only protect what you know,” says Lucas.

What looked like a technical problem ultimately turned out to be organization-wide. Secure passwords and access control affect the entire company. So a good solution had to be more than safe. Also workable, centrally manageable and easy to apply in daily practice.

‍

_{2. Approach}

This is how MindYourPass helps make safe behavior a matter of course

Joanknecht works as an accounting firm with a lot of sensitive data, so it made sense for Lucas to put security in order — and passwords, as a known weak link, were the starting point. Instead of a traditional password vault, he was looking for a solution that was more secure and smarter. He ended up at MindYourPass.

The implementation was rolled out step by step, as part of a broader approach to information security and awareness.
‍

“People shouldn't just use something because they have to. They need to understand why and that it's also about their own data.” - Lucas Vousten, CISO and partner joanknecht

‍

They started with the core: critical applications with sensitive or business-critical data. There, the use of MindYourPass was made mandatory. At the same time, we actively worked to build support. Both enthusiastic and critical employees were involved in the pilot. “It was precisely the colleagues who were skeptical in the beginning that later became the greatest ambassadors,” says Lucas. “That credibility helps enormously.”

‍

_{3. Result}

Friction-free safety

‍An important accelerator of adoption was the link between MindYourPass and Windows Hello. Employees can now log in to any site and application with a fingerprint or facial recognition, for example via their phone. Lucas saw this as an opportunity to really bring safety and ease of use together: “If it's difficult, people drop out. With biometrics, you remove a barrier. You put your finger on the scanner or look at the camera, and you're inside. How easy can it be?”

In addition, MindYourPass makes it possible to centrally manage access. If someone leaves employment or there is a risk, you want to be able to act immediately. “We don't want to have to guess who still has access. MindYourPass gives us that control in one click.” This is especially important in a world of SaaS solutions and fragmented access.

Because MindYourPass generates passwords automatically and users no longer have to remember them, working safely becomes a lot easier. Employees only remember their easy-to-remember passwords. The rest happens naturally. This lowers the threshold and makes safe behavior feasible in practice, says Lucas.

Finally, what really makes the difference for Lucas is that the use of MindYourPass can be made mandatory on certain applications. As a result, it is not just good intentions, but safe behavior is actually enforced where necessary.

‍

_{4. Reflection}

From plan to practice: this is what Joanknecht learned from the implementation

‍For Lucas, the implementation of MindYourPass particularly underlined this: good security is not just about technology, but about the interaction between people and technology. A solution can be technically perfect, but if it doesn't suit how people work, there will be no behavioral change.

And that's where MindYourPass makes the difference: it fits in well with practice. “MindYourPass is thorough and fits in well with how we work,” he says. “Because you can measure and enforce use, new behavior becomes a natural part of the organization.”

What surprised him positively was the smart way in which MindYourPass was built. Login details are not stored, but generated over and over again. The system is widely deployable, centrally managed and developed in the Netherlands.

‍

“You notice that this was built by people with an understanding of security and a sense of practice” - Lucas Vousten, CISO and partner joanknecht

‍

What started as a quest for better password management grew into an approach that truly embeds security in the organization. MindYourPass not only gave Joanknecht more control, but also made safe behavior workable and enforceable. A solution that fits their vision: future-proof, thoughtful and supported by people.

‍