13 July 2020
Eindhoven: the creative city
- About Brainport
Passwords remain the weakest link in the security of online systems. There are plenty of people who already find 'welcome123' too difficult to remember. Merijn de Jonge came up with a solution for the 'password problem' with MindYourPass. It’s a very relevant problem, now that many people mainly work from home.
De Jonge finds it interesting that we do insure ourselves against fire, “but investing in online security is way less obvious”. He came up with a solution that fits the current infrastructure of passwords, an infrastructure that has been around for at least forty years. Many IT people want to get rid of passwords, but so far no alternative has been found that is sufficiently secure and works on every account. This makes De Jonge’s solutions very relevant.
With the MindYourPass password generator only one easy to remember password is needed. A patented mathematical formula, together with that easy password, generates a strong password for every online account you want to login to, explains De Jonge. It is completely anonymous, he guarantees. “We know nothing about the users of MindYourPass. We don't even have e-mail addresses and we don't store any passwords. There's nothing for hackers to get from us.”
De Jonge claims his solution works immediately and on every site in the whole world. “Other means of security are, for example, codes sent to you via an app or an extra device you need to do your banking with, both so-called two-factor authentication methods. However, you must first download that app or have that device. And it doesn't work for every site.''
,,If you create an online account, for example at bol.com, you put your personal data in a kind of safe. Because you don't want anyone to have access to it, you create a password. That's your key.” Not only do people use passwords for private purposes, but also for their work in order to access confidential and privacy-sensitive information. “Employees can make up their own password. And that’s the main problem,” says De Jonge, “unfortunately, people can't invent and remember a good password. Let alone dozens of them.”
A strong password is long, consists of random characters, and is unique. De Jonge: "A passphrase is often better, but consists of words that can be traced. And if someone has a strong password, he often uses it for multiple sites, so it is no longer unique.”
Everyone may have up to twenty to forty accounts for which they have a password, De Jonge continues. "That's often the same key or just a little modification of it. Those weak passwords determine how strong the online security of company data systems is, because even for the 'company safes' people don't come up with strong passwords”, says De Jonge. Hackers can make different combinations of those weak passwords and try to access company systems by tracing those weak passwords.
There are tools that come up with strong passwords and store them for you, but a company cannot force employees to use them. That's why De Jonge turned it around. "I look at the organization as a whole. How can all those safes, even private ones, of all the employees within an organization be secured?”
Besides the password generator, De Jonge came up with the password firewall for companies. That firewall forces employees to use strong passwords. “So they cannot log into the purchasing system with a 123 password, for example''. Usually, companies have security built-in. A computer system like Windows, for example, asks for a new password every once in a while. But this is only for internal company accounts and not for online accounts. "MindYourPass applies to all accounts, including private ones”
So to help employees with those strong passwords, there is the password generator. Via the MindYourPass site, everyone can download and use this generator for free. “This is partly based on our vision that everyone has the right to live their digital life in a safe and friendly way. And we hope that if individuals are enthusiastic they will help us get in touch with companies. So that they eventually sign up with us for the firewall.''
Last year, MindYourPass received a subsidy from the Brabant Startup Fund. With this, De Jonge and his team refined the technology and made it ready for the market. “We now have our first paying customers, but like so many, we were overwhelmed by the corona crisis. This meant that the contacts we had were paused for a while because there were more urgent matters''.
As a software company, De Jonge resides on the High Tech Campus Eindhoven in the Brainport region. “This region breathes innovation and there is so much knowledge and expertise. That makes it a cool region to be based in. And all those high tech companies here are potential customers, of course. From here, we can increase our visibility and grow to other regions and countries''.
By working from home a lot, De Jonge hopes that companies will understand the importance of good online security. “Everyone thinks: my house burns won’t burn down to be left empty-handed." According to De Jonge, hacking is also common and its impact can be at least as intense. With MindYourPass, De Jonge wants to make the security of digital safes visible and tangible. “How many are secured with a strong password, how wide open are the doors of your safes? I see MindYourPass as part of the insurance of your home.”