The Directorate of Criminal Investigations (DCI) has issued a strong warning to Kenyans over the growing threat of cyberattacks, urging the public to adopt better password practices to protect their personal and professional data.
In a statement released on Thursday, October 2, the detectives noted that cybercriminals are increasingly targeting individuals and organisations in Kenya, with many of the attacks succeeding simply because users rely on weak or predictable passwords.
Why Most Passwords Are Easy to Crack
According to the DCI, cybercriminals exploit three major loopholes:
- Poor password habits by users
- Sophisticated attack techniques used by hackers
- Weak systems and oversight by organisations
“Password management is one of the most critical pillars of cybersecurity in this digital age,” the DCI said, warning that even the best security systems can be compromised if the password used is weak.
DCI’s Key Recommendations for Stronger Passwords
To reduce the risk of hacking, the DCI advised Kenyans to adopt the following practices:
Use very long passwords — up to 64 characters
They recommended passphrases (a combination of random words or sentences) instead of short, complicated passwords. Long passwords are extremely difficult to crack using brute-force methods.
Avoid common password rules like forced inclusion of numbers or symbols
According to the detectives, insisting on fixed patterns (like “P@ssword123”) often leads to predictable formats that hackers can easily guess.
Prioritise unpredictability over complexity
Random and unique phrases work far better than passwords that follow a set formula.
Block passwords found in previous data breaches
They advised that systems should automatically reject passwords that appear in known breach databases or common password lists.
Stop unnecessary forced password changes
The DCI discouraged frequent password resets unless there is evidence of a security breach, arguing that users often make minimal changes like adding a single digit — which still leaves accounts vulnerable.
Kenya Among Most Targeted Countries in Africa
The DCI’s warning comes as the world observes Cyber Security Awareness Month, a period dedicated to educating the public on digital safety.
Recent statistics shared by Techpoint Africa show that Kenya recorded 2.54 billion cyber threat attempts between January and March this year — a shocking 201.7% increase compared to the last quarter of 2024.
Government Response
The administration of President William Ruto has reportedly intensified efforts to combat cybercrime by updating national cybersecurity policies and working with international partners to track and neutralise digital threats.
However, the DCI insists that individual responsibility is key, urging Kenyans to treat their digital security with the same seriousness as physical safety.
Join Government Official WhatsApp Channel To Stay Updated On time
https://whatsapp.com/channel/0029VaWT5gSGufImU8R0DO30
