You’ve probably heard about the importance of using strong passwords before. It’s an IT guys favorite thing to go on about. While it might get annoying it isn’t without justification. The most common passwords of 2019 are laughably weak. If adults have trouble keeping a strong password what about kids? Today I’ll walk you through some tips to discuss with your children on how to create a strong password.
Why Are Strong Passwords Important?
The first thing we need to understand is why a strong password is important. Some might argue that a proper password is tough to remember. If hackers are going to get it anyway, might as well make it easy for you, the user. I get it. However, we shouldn’t let down our defense and a strong password is generally the first line of defense.
Today we have password manager applications, such as Dashlane and LastPass, that make storing passwords easy. No longer is the “tough to remember” excuse valid. Not that it really ever was a good excuse.
A strong password helps to keep your accounts secure from bad actors. Hackers, while smart, are also a lazy bunch. Unless you have something very valuable that they want most will seek the path of least resistance. Cracking an easy password with a dictionary attack, for example, is much easier than attempting a strong, unique password.
When explaining why a strong password matters to your kid, keep the following in mind:
- 73%+ of internet users have the same password for multiple websites. If one gets hacked the others could quickly follow. Don’t give hackers more avenues to steal your information.
- With every additional character you add to your password you’re making a hacker’s job harder.
- Strong passwords go hand-in-hand with other security tools such as multi-factor authentication (MFA)
Strong passwords are critical to gaining a solid foundation in proper cyber security.
How to Create a Strong Password
The traditional advice to a strong password goes something like this:
- 12 characters or more
- Use numbers, symbols, and mixed case letters
- Avoid dictionary words
- Don’t replace letters with easily guessed substitutes (e.g. Hi1l)
So we know the traditional password tips. However, you aren’t a traditional guy. That’s why you’re here in the first place. Let’s get a bit more technical with our advice now.
Jibberish Is Good
Long password = good. Long password + a bunch of random words and symbols = better.
Hackers will use words found in the dictionary or used in pop culture to access your account. Using those words, no matter how unique you think they are, isn’t a good practice. Rather, make up a long word with a bunch of random letters and symbols. It doesn’t have to make sense and the less sense it makes even better.
Be sure to avoid using passwords that are just consecutive keys on the keyboard. QWERTY is fun to say, but doesn’t make for a strong password.
The ‘Ol Razzle Dazzle
Keep ’em guessing by creating passwords that incorporate symbols, numbers, and letters. This makes it harder to crack the code. Since you are using a made-up word it will be twice as hard to access your account.
I’d recommend using some type of password generator to be most effective. As humans we tend to overestimate ourselves. We think we are being completely random, but we really aren’t. Password managers usually have a built-in password generator. Be sure the settings account for length (21+ characters is good) and includes special characters.
Don’t Get Personal
Yes, it’s super easy to remember the name of your first dog. That information is also easy for a hacker to discover. Avoid using the names of pets, family members, birthdays, anniversary dates, addresses and other easily discovered words in your passwords.
This is also a good practice when creating security questions for online accounts. Avoid using answers that could be easily discovered online. For example, if your kid plays for the Lil Lions junior football team don’t use that as an answer to a question.
Avoid Password Reuse
That’s right. I’m saying that you need a new, unique password for every site where you have an account. Again, password managers will save you here.
The primary reason is that if you reuse passwords you might suffer more when one account is hacked. If a bad actor gets your Facebook password, which you also use for your Yelp, bank accounts, and gym account you’re going to have a bad day.
Keep it to Yourself
Your kids, spouse, and best friend might all have a legitimate reason for needing to know your passwords. However, you need to stand strong and say no. Sharing passwords is a recipe for disaster and can cause conflict with those closest to you.
Keeping your password safe means you also need to avoid entering it into a field in plain sight of others. If you can shield your phone or turn your back while you enter your password then do so.
Finally, and this is tough to say, don’t write down your password and stick it next to your computer. My grandfather thought he was smart and hid it under the mouse pad. As you might guess it was easy to find. This also goes for those who avoid password managers and store passwords in a text file. If that is you then be sure the file has some random name. “My Passwords” is not a good name for a file.
Teaching your kids how to create a strong password isn’t time consuming, but the lesson is extremely important. A quick conversation and explanation as to why it’s important could save your child and possibly yourself a big headache down the road.
Just be sure to practice what you preach. I’m looking at all of you who use your fantasy football username as a password.
Stay safe out there, folks!