Tuesday, August 27, 2013

If you do nothing else, teach your kids and teens password hygiene!

Password theft or abuse are often the root of cyberbullying and digital abuses. Passwords are frequently too easy to guess, hard to remember, stored on a device or shared with others. WiredSafety.org’s studies have shown that most teens share their password with at least one other person (typically their boyfriend/girlfriend or best friend). And they rarely use different passwords for different sites or purposes, which means once someone has it for one network, they have it for all networks. 

They need to be reminded that giving your password out is like locking your door, but giving someone the key and burglar alarm code. It’s not very smart.  Teach the teens you work with to make it a hard and fast rule never to share their passwords. 

Too many computer and account intrusions arise just because the password was easy to guess (such as the word “password,” or “12345”) or because it was one of the “20 questions” used to come up with most passwords (such as our pet’s name, our middle name, the street we live on, birthdate or anniversary, the year we graduated or will graduate high school, favorite sports team or rock star).

There are usually three different levels of passwords. Easy (or low risk of loss), medium (a higher level of risk of loss) and very hard (for financial accounts, health information and other very sensitive accounts or data). Think of them as Goldilock’s passwords, you want them not too easy, not too hard but just right. 

Simple passwords that are easy to remember, but not one of the easy to guess choices, are fine for free accounts, such as your local news site or networks that give you free accounts and don’t contain anything that you couldn’t recreate easily. 

Medium levels are for your social networking accounts and other accounts that are important but that could be retrieved if accessed. (Facebook offers a device authentication security feature, where you can verify your devices to prevent others from accessing your account for other devices. This is an easy way to help secure your Facebook accounts.) 

Hard passwords have to be the most secure, and often have to include upper and lower case letters, symbols and numbers. These are hard to remember, though, and often stored in text files or on PostIt notes stuck to the computer monitor. That makes them very vulnerable to being accessed by others. 

Suggest that your teens come up with a special sentence for each instance of high security password customized for each network or account. A sentence starts with a capital letter, contains lower case letters and ends with punctuation (a symbol). As long as the sentence also includes a number, it meets the high security requirements. If you include something that you use to describe the network of account (i.e. “FB” for your Facebook account), these are also customized for each account and even harder to guess.