Create or find a classroom resource that teaches students about creating strong passwords, passcodes or passphrases.
I found some great resources on the esafety government website, which could be integrated into lesson planning. Setting up post-it notes on the side of the computer screens to remind students to change their passwords regularly, not sharing them with anyone, making a ‘pass phrase’ instead of simply a password and signing out when you’re done using a website or device.
Setting strong passwords
To set a strong password, select it carefully. Security experts now recommend using a ‘pass phrase’ rather than simply a password. The phrase should be relatively long — perhaps 20 characters or so — and consist of seemingly random words strung together along with numbers, symbols and upper and lower case letters.
To create a pass phrase, think of something that you can remember but others cannot guess such as BlueChocololate#239TriumphFi$h.
When creating passwords or pass phrases there are some definite dos and don’ts.
- Use between 12 and 20 characters — longer passwords are stronger.
- Use a combination of words that aren’t predictable but that you can remember.
- Use two-factor authentication on accounts containing personal information.
- Use pet names, birthdates, family or friends’ names, favourite foods, colours or singers in your new passwords.
- Use a predictable combination of words e.g. ‘ilovehiking’, a context specific word e.g. ‘google’ or repeated sequential characters e.g. ‘aaaaaa’ or ‘123456’.
- Avoid using famous quotations that might be easy to guess.
- Share passwords with others, even with friends.
- Store them on your device, unless it’s via a password manager which stores them in an encrypted database.
Security experts now recommend using a ‘pass phrase’ rather than simply a password. See protect personal information, which includes advice on setting strong passwords.
Do not use the same password, PIN or passcode for more than one account.
Install anti-virus and internet security software and keep it up-to-date.
Keep your operating systems up-to-date and install all updates to the software and apps that you use on your devices as soon as they are available.
Secure your wireless internet connection — use a strong password or ‘pass phrase’ for your router and enable network encryption.
Keep a close eye on your portable devices — such as your mobile, tablet or laptop computer — take extra care so they are not lost or stolen and, when possible, limit other people’s access to them. It is also a good idea to set Auto-Lock to one or two minutes, so that your devices automatically lock themselves and require a PIN or passcode.
Strengthen the privacy settings on your social media accounts to make sure that the only people who can see the content you post are the people you choose. For more information about privacy and securing your personal information see the social media checklist and the eSafety Guide.
Sign out of email and social media accounts once you have finished using them rather than just closing the page or browser.
Do not use saved passwords to access your accounts. If you are using saved passwords to automatically log into your accounts, this is a simple way for anyone who has access to a computer to gain access to your accounts. Remember, if you have not changed your passwords, they may still be saved on devices that your current or ex-partner has access to. Change the passwords on all online accounts and do not save the new password in your browser.
Do not open suspicious links or attachments as they can contain viruses and malware.
If you are setting up a new phone or tablet as part of safety planning, do not reinstall it from a backup, as this may bring across any spyware that could have been installed on your device. Instead, set it up as a new device.
It is also important to ensure that the accounts you use to update your devices, such as your Apple ID, are not shared with your current or ex-partner. If they are, do not use these accounts and set up a new account with a strong password or ‘phase phrase’.