Teaching best practices for password protection
Passwords can drive you crazy.
Exhibit A: Stefan Thomas, a San Francisco-based programmer, is down to his final two attempts to unlock a digital wallet holding $220 million in Bitcoin techno currency. According to Thomas, whose story is making the rounds in publications like The New York Times, he misplaced the piece of paper where he wrote down the password to his digital account. The account gives users 10 tries before locking them out forever, and he’s already exhausted eight of them.
Without the password, Thomas can’t tap the wealth in his digital wallet.
His story is a textbook example of the travails of poor password protocol. While his is a highly unusual situation involving Bitcoin, it still provides parents a teaching moment on the need for their children to develop good cyber hygiene practices.
What are some basic strategies for children? How do you try to ensure their online safety while respecting their privacy? Where to start?
The first step is to explain the bigger picture of password management, said Eva Velasquez, president and chief executive officer of the Identity Theft Resource Center in the San Diego area (www.idtheftcenter.org.).
In an email, Velasquez said children should understand at the earliest age-appropriate moment that proper password protection equates with safeguarding their identity from scammers and others on the dark side.
Children start building their identity the moment they’re issued a Social Security number. They’re also prime targets for scammers because it could be years before they realize their identity has been compromised, such as when they apply for their first credit card.
“Using a unique password on every account is key, as is using a system that will work” for your child, Velasquez said. For example, a password could come from a favorite television show or movie, a favorite athlete’s name or number, or a line from a book or poem.
Don’t use the same password over multiple accounts because it provides thieves with a simple path into a child’s identity information. In addition, keep passwords in a secure location, such as a journal or small safe that kids might use to keep their valuables away from their siblings. Writing down passwords on sticky notes and stuffing them in a nightstand is hardly a secure system.
Velasquez does not recommend keeping passwords in a spreadsheet or word document on a computer. Most accounts that children have access to should have a password reset ability. But if age appropriate, take advantage of free or low-cost password managers that come up with strong passwords and keep track of them.
Parents need to remind children to never share their passwords with anyone, except mom and dad or guardians. I repeat, no sharing Netflix, Disney+, Twitter or other passwords with best buddies, for any reason.
“It’s very important that parents not abdicate this responsibility too early,” Velasquez said. “With some preteens and younger teens, parents will let go of those reigns too early, which can lead to cyberbullying and account takeovers.”
College-aged children, especially those taking classes remotely, should ideally have a unique password for school email, videoconferencing, the homework portal and any other account, experts said.
One parting message for parents: Teaching your kids good password techniques is not a one-and-done, check-itoff-the-list activity. “It’s an ongoing part of parenting,” Velasquez said. “Putting in the effort on an ongoing basis is much easier than recovering from an identity or cybercrime.”