Germany's national cybersecurity agency is urging webmail providers to make robust security features the default standard for all users.
Germany's national cybersecurity agency, the Federal Office for Information Security (BSI), is urging webmail providers to make robust security features the default standard for all users, Cybernews reports.
In a new whitepaper, the BSI argues that critical protections like two-factor authentication (2FA), passkeys, and biometric verification should be automatically enabled, rather than being optional settings that users must find and activate themselves.
This call to action follows government research revealing that only 34% of internet users in Germany employ 2FA, a figure that indicates a declining trend.
The BSI states that this low adoption is due to a lack of transparency from providers and complex user interfaces. The agency's framework also demands that providers implement modern password rules and create more reliable, transparent account recovery processes to prevent lockouts, even during an account takeover attack.
Emphasizing that secure email is fundamental to digital participation, the BSI stated the goal is to "strengthen consumer protection in one of the most important areas of digital life" and ensure "transparent, secure, and user-friendly email services are essential for digital sovereignty in Germany."
Sharon Florentine is the editorial director for CyberRisk Alliance’s Channel Brands and acting editorial director for SC UK. She is responsible for setting strategy and editorial direction and developing content for news, features, analysis and other written content, moderates live webcasts, and oversees research projects. Sharon has previously held key editorial, content and leadership positions at DevOps.com, Security Boulevard, CIO.com, Ziff Davis Enterprise, and CRN, among others.
Sharon Florentine is the editorial director for CyberRisk Alliance’s Channel Brands and acting editorial director for SC UK. She is responsible for setting strategy and editorial direction and developing content for news, features, analysis and other written content, moderates live webcasts, and oversees research projects. Sharon has previously held key editorial, content and leadership positions at DevOps.com, Security Boulevard, CIO.com, Ziff Davis Enterprise, and CRN, among others.
An error occurred trying to play the stream. Please reload the page and try again.
CloseRegistering with SC Media is 100% free. Join tens of thousands of cybersecurity leaders today and gain access to the latest analysis shaping the global infosec agenda.
