Why do I need to protect my data?
First off, you need to talk with your children about why they need protection. You may make a comparison between the internet and the real world – when they leave home, they should lock the door, otherwise strangers may get inside, look through their space and even steal the things they value the most. They may even wear the stolen possessions so as to impersonate the rightful owner – which, in cyberspace, represents identity theft. Describe some of the dangers of the internet without making the online space seem scary or hostile. Focus on the fact that, while the internet offers many possibilities, it pays to remain careful about our online behaviour. Discuss the fact that data or pictures shared online can be accessed by a wider public, and that people with malicious intentions could use such information for cyber bullying, grooming or identity theft. You should also discuss the individual online profiles your children have and the possible risks that come with different platforms. For instance, when a child adds a location to their picture on Instagram, strangers may be able to find out where they live or go to school. On Facebook, adding your phone number so that others can see it may lead to unwanted messages or calls from strangers. Learning to take care of their privacy can help your child avoid many unpleasant situations.
Why would anyone want to steal my information?
Criminals may take an interest in your child’s profiles for various reasons. They often harvest data merely to sell it. But for children, the largest problems are grooming, cyberbullying and extortion – all tied to misuse of the children’s naturally over-sharing nature revealing their personal information, location, or activities. Also, stolen accounts (be it social media or webmail) are quite profitably sold, and can be leveraged to allow an attacker access other parts of our digital lives – e.g., request password reset, abuse the info to guess other credentials, steal sensitive info and documents from our messages and so on. Finally, some cybercriminals may even use your child’s digital information to create bank accounts under their name, or even to illegally obtain a loan.
Read more: Identity theft affects children too – and it can create financial problems that explode on them in adulthood
Why are passwords so important?
When protecting your data, passwords are crucial. Without passwords, anyone could access your accounts and your data and misuse them for malevolent or criminal activity. When discussing passwords with children, you can describe them as keys that unlock their own personal treasures: items of value should be kept in a safe space where they remain protected by a reliable lock. The key should be unique and complex enough so that others cannot easily guess it and get to their gems. It needs to remain private, so that no one can enter the accounts, however young children (specifically those who are younger than an age appropriate for social media, meaning younger than 13 years) should give a copy to their parents, in case they ever forget their key.
What does a strong password look like?
A password can be a phrase, a word, or simply a mix of symbols. A child should come up with a password that they can effortlessly remember, but that is not easy to guess. Accordingly, it should not be based on any information that they share publicly, such as their birthday, name, their favourite food, influencer, pet, or colour. The password should be long enough (at least 8 characters), and it should include at least one capital letter, a special symbol (such as @, $, #, &, /, >, !), and some numbers.
How can I remember my passwords?
As previously noted, the passwords children use should be based on their own choice so that they can easily memorize them. It is safer to pick a different password for each website to make sure that even if someone cracks one of the accounts, they still cannot access the others. As a result, remembering all the variations can be tricky. Your child may be tempted to store their passwords into their browser to have easy access to all their accounts – however, some browsers do not protect the stored credentials by encryption, and as such they may be stolen by cybercriminals. Additionally, whenever a child leaves their device unguarded – or worse, if they happen to lose it – anyone can access their sensitive data. A better option is to set up a password manager that will protect your child’s passwords in one place. Additionally, if a child wants to write their passwords down, emphasize that they should never write them into a notebook that they always carry around. This would make it quite easy for others to see their credentials; moreover, there is a high risk of losing the notes. Your child can write the passwords down into a notebook that they always keep at home, one that remains locked, for instance, in their desk.
Should I share my passwords with anyone?
When it comes to younger children, a parent should have their passwords so that they can be of help in case of emergency. It is best to encourage your child to share their passwords with you safely. Different password managers offer various ways of sharing credentials without endangering the child’s security, for instance by encrypting them, enabling access only with a multi-factor authentication etc. As a parent, you can also use passwords to check the child’s profiles – preferably after a discussion in which you will explain your intentions and the reasons behind your behaviour.
On the other hand, parents should emphasize that children should never share their passwords with other people, even their friends. This includes not only the credentials for their social media profiles or e-mail, but also gaming or streaming sites. Remind your child that if they only tell a few people, who then also only tell a few people, a snowball effect commences and suddenly anyone can access the accounts including any information that is stored in them, share posts under their name, and even delete their progress or previously shared content. Does your child seem unsure about why they should not want other people to log into their accounts? Go back to the first question and discuss the risks again, in more detail.