A strong, effective password requires a necessary degree of complexity. In order to make the process simpler, we’ve created steps on what to do, and what not do, when creating strong passwords.
Teach students to never share passwords with anyone.
It’s important to educate students that they should never share their passwords with anyone (except their parents). Students should never give it to friends, even if they’re really good friends. Tell them to think of it as a locker combination.
Make the password at least eight characters long.
Longer passwords are harder to crack. The longer the better.
Use passphrases instead of passwords.
Passphrases are multi-word phrases that can be used instead of a password. Select three or more unrelated words (i.e. fish apple string) and use that as a base for your password. These are longer to type, but easier to remember and easily typed. Don’t’ forget to include a symbol or other character to help strengthen your passphrase further. The more words you put in your passphrase, the better.
Include numbers, capital letters and symbols.
Have students convert some of those letters into other characters. Consider using @ instead of an a, a $ instead of an s, the number 1 instead of an l, or interrupting the password with an exclamation point or other symbol for no good reason. Please note that $afe is not a good password, but something like ”fi$h Apple & str!ng” is an excellent password.
As a general rule the following character sets should all be included in every password:
- uppercase letters;
- lowercase letters;
- numerals; and
- special characters.
Don’t use one password.
Once hackers figure out your password, they will most likely be able to get into all of the other websites and accounts that use that same password. A great alternative to a single password is to take advantage of a password manager or password generator program. These programs and web services manage your strong passwords and you only need to remember one password to access the program.
- LastPass (Free on Windows/Mac, $12 per year for the premium version which includes mobile devices)
- mSecure ($9 for the mobile version)
- RoboForm (Free on mobile, $10 per year for Windows/Mac)
Beware of “phishing” attacks.
Warn your students not to click on email messages that contain links, especially when they don’t know the sender. Students should never click on a link (even if it appears to be from a legitimate website) asking them to login to the site and change their password or provide any other personal information. It might a “phishing” scam where a hacker is collecting the information they enter. Always manually type in the website’s URL in the address bar and login manually.