A Bulgarian MEP is in charge of an initiative called "I won't get hacked" promoted with the hashtags #cyberneat (and #киберчист in Bulgarian) so far starts as a very promising cinge-fest kind of really like what we expected TBH.
First thing they do is launch http://cyberneat.e-gov.bg/ (yes over HTTP, yes **ONLY** HTTP), which gives you soem password tips like mixing cases, using special characters, using at least 10 characters etc. and then prompts you to check how strong your password is.
They have an actual password field in there. Any sane browser flashes red lights all over the place when you click in a password field on an HTTP page obviously, but hey it's a site by the government, they're the good guys right?
It actually just does a stupid length check to tell you how long it would take "a hacker" to break your password.
There are a bunch of wrong things there, the least bad among being normalizing of very bad security practices, opposite to what the campaign is going for.
* You are encouraged to use a password strength checking service, which is a very very ill advised thing to do
* You are put in a situation where even if trusting your government is something you feel fine with MITM-ing your connection to them is trivial.
* You are given a false sense fo good security from the stupid password length checker, which tells you that it would take "a hacker" 53 years and 7 months to crack the ingenious password you've chosen: password1234.
The MEP in question is actually cited as being the European Commissioner of digital economy and digital society.
Not sure how much of this title is just stringing together bullshit buzzwords and how much power stands behind it. Either way this is a signal that the EU is entrusting t3H Cyb3rzZZz to someone quite incompetent, who on their turn rely on probably equally incompetent people. ☹️