Photo: Kees Martens/ DCI

Eindhovens Dagblad
Tuesday, July 16, 2024

Amanda Bulthuis-Oerlemans
amanda.bulthuis@ed.nl

The idea came about ten years ago in Merijn de Jonge's head. “It started with my frustration with passwords. You'll need to create a difficult password for each account and come up with a different password for each account. That is impossible to do. I started thinking about how you only need one password, which should also be easy to remember. I started programming myself and this is where MindYourPass ultimately came out.”

The technology of this Eindhoven company works like this: suppose you want to log into a webshop. When you are on the login page, click on the MindYourPass (MYP) icon. Then enter your easy-to-remember password, or use fingerprint or facial recognition. MYP then calculates your password.

Your password is therefore not stored in a list of passwords, but is calculated. This is done with a formula that looks at various factors, including your identity and the website you're on. You can compare it to a math; 2+4=6, for example. 2 is then your easy to remember password, 4 is something MYP remembers for you and 6 is your password at the webshop.

Not to be guessed

As long as the factors in the calculation remain the same, the outcome is also the same. For example, if you are on a counterfeit website, a different password comes out of the calculation and is therefore not possible to log in. Just like the result of 2+5 or 3+4 is not 6, but 7, and you can only log in with devices and browsers that you've authorized to MindYourPass.

In reality, MYP looks at many more factors and ensures that the math and passwords they generate comply with all security rules. Hackers can no longer guess such passwords. The technology is so unique that MindYourPass has several international patents for it.

The problem of unsafe password use is significant. Research conducted by the Knowledge Center for Psychology and Economic Behavior in 2022 shows that almost 84 percent of the participants use weak passwords. Nearly 28 percent said they used the same password multiple times.
‍

Everyone scored an unsatisfactory score for their password usage. That really worries me.

De Jonge also sees this in practice, even with groups where you don't expect it. ,, We did a scan at an educational institution affiliated with Eindhoven University of Technology. Surely there are all smart students there. Everyone scored an unsatisfactory score for their password usage. That concerns me. I immediately started talking to other educational institutions to get attention to this. These people will soon enter our business community, so you don't want them to be an online security risk.”

MindYourPass is also privacy-friendly. Your passwords are not stored, but are reproduced every time you log in somewhere. Privacy is also why the service is free for consumers. “Otherwise, we need payment details and the like from you, at the expense of privacy,” says De Jonge. ,, We earn money because companies and organizations use our service. They do pay for it. We don't need employee data for this.”

De Jonge first offers companies a scan. ,, This shows, for example, how many programs and websites employees log in to and how often the passwords are the same, too easy or even stolen. Companies are shocked by the outcome. After all, they all score very poorly.”

Damaged or bankrupt

For companies, it is extra important that employees use secure passwords. ,, A hack can cause just 4 tons of damage to an SME. There are even companies that are going bankrupt,” says De Jonge.

Passwords that are too easy, commonly used, or stolen are easy for hackers to get in with. “As an employer, you can take a huge step by enforcing secure password use,” explains De Jonge. “This coercion is necessary, because we see that in companies that only set a password policy, 70 percent of employees do not comply with it.”

MindYourPass is already being used by several dozen business customers, including a number of municipalities. The municipality of Eindhoven is also working with MindYourPass. “All 3,400 employees will be using our software.”