Securing your data and accounts: from passwords to digital resilience

Strong passwords are the first line of defence for digital security

The security of an account is always based first and foremost on a strong and unique password. Yet, many people use the same password for multiple accounts, often for convenience or because it's difficult to remember different passwords. This habit poses a major risk. If your computer is hacked, cybercriminals can then quickly gain access to many of your accounts. That's why cybersecurity experts recommend using a unique, long, and unpredictable password for each account.

Password managers: easy and secure

It is obviously not easy to create, and especially to remember, a unique, long and unpredictable password for each account or device. A password manager is therefore particularly useful.

A password manager is a digital vault that securely stores all of your passwords. As a result, you only need to remember one strong master password. 

The software loads automatically:

• Generate strong passwords
• Store it securely.
• and enter them correctly when logging in to websites and apps.

Nowadays, modern browsers (such as Chrome, Edge or Safari) also offer secure storage thanks to strong encryption. However, specialized password managers often offer additional features, such as better synchronization between devices and security controls. They are also platform-agnostic. These digital vaults also use strong encryption and apply the principle of zero knowledge, i.e. even the provider cannot view your passwords.

There are free and paid solutions. Here are some recommended password managers:

• NordPass^*: stands out for its high level of security, reliability and ease of use;
• Proton Pass^*: Combines ease of use with strong encryption;
• Bitwarden^*: offers a very extensive free version and can be used on an unlimited number of devices;
• Keeper: User-friendly and secure. A paid subscription is required after the trial period. Keeper is particularly suitable for Android devices;
• RoboForm^*: User-friendly and secure password manager with a convenient autofill feature. The free version is limited to a single device; A paid subscription is required for syncing across multiple devices.
• 1Password: efficient, user-friendly, family-friendly and business-friendly solution. A 14-day free trial version is offered, after which access requires a paid subscription;
• KeePass: Works locally, making it very secure, but must be installed separately on each device. This manager is completely free, but the user has to manage the backups and synchronization themselves.

(^* free version available with the option to upgrade to a paid version)

Two-factor authentication: an essential additional level of security

While the use of a high-performance password manager is a first line of defence for online data protection, two-factor authentication provides essential additional security. 

Two-factor authentication is highly recommended on all devices, as it provides an additional level of protection, independent of biometrics. It is based on the combination of two things: something you know, such as a password, and something you have, such as a smartphone or a physical security key.

In concrete terms, when logging in, it is no longer enough to enter a password: you also have to confirm a temporary code. This code is generated via an authenticator app on the smartphone or by means of a physical security key, such as a USB or NFC (Near Field Communication (Near Field Communication  (NFC) key – a technology best known for contactless payments or check-in on public transport via smartphone, but also used for two-factor authentication,  editor's note). 

There are independent authenticator apps such as Google Authenticator, Authy, FreeOTP/FreeOTP+... that only generate temporary codes for an extra layer of security, without being tied to a specific password manager. Other applications are specifically associated with a manager, such as Bitwarden and 1Password.

The physical security key must be connected to the computer or smartphone. Access to the account is only granted if the key is physically present. This method is particularly effective against phishing and is considered one of the safest ways to protect accounts. These keys are increasingly used to secure sensitive accounts, both for business and personal purposes, by users who are mindful of their digital security. 

On computers, including laptops, which are not always equipped with biometric solutions, two-factor authentication is particularly effective. Even if a cybercriminal managed to discover your password, it would be impossible for them to go any further without this second factor of authentication.

Training in digital security, from an early age

Digital resilience is not just about adults. Children and teens are growing up in an increasingly digital environment and need to learn how to protect their accounts and data from an early age.

This awareness can be done in a fun way through educational initiatives, such as the online game Space Shelter, developed as part of the Belgian Cybersimpel program. In this game, children learn in a playful way:

• Why strong passwords are important.
• how two-factor authentication works;
• How to recognize phishing attempts.

Making security concrete and understandable helps to raise awareness that the same level of vigilance must be applied online and offline.

Working together for a secure digital environment

Digital security is not a one-time action, but the result of good habits combined with smart tools. Strong passwords, a strong password manager, two-factor authentication, and digital education are all mutually reinforcing. By making informed choices today, we are not only protecting our own data, but we are also contributing to a safer digital environment for everyone in a sustainable way.