Having an easily broken password can create a range of problems. We encourage children to save money – what happens if someone else gets access to their banking app? What if someone hacks their social media accounts and embarks on a hate campaign? There are countless apps that demand access to a device’s images and location. These could pose a serious risk to a child’s safety.
Parents, as the most trusted advisors of their children, should be there to help them create their first strong secret code. Parent should explain best practices and highlight their importance. Below is a short cheat sheet for creating a good password.
A strong password:
1. Is unique. Each account should have its own password.
2. Is long. The recommended minimum is eight characters, but the longer the password is, the better. Bad guys today can guess four random characters or numbers within a few seconds. To improve the strength of the secret code, more characters from various groups need to be added.
3. Can be hard to remember so can be replaced by a passphrase - a short sentence or saying that is easy to remember. Passphrases are often much longer than a basic password that combines only a limited number of different characters and numbers, and therefore stronger at protecting accounts.
4. Has a few letters exchanged for special characters (@, #, $...) or numbers to make it harder to guess.
5. Avoids commonly used words such as “password”, “secret” as well as the name of the child, parents, siblings or pets, which can often be found via social media.
6. Avoids repetitive and sequential characters, such as “1111”, “1234” or “abab”.
7. Is secret. This is an important point but is useful mostly for older children and adults. Young kids may forget passwords – and more importantly – still need guidance when surfing online. To achieve those goals, shared parent-child accounts or parental control apps are also very useful.
A fun way to learn about password creation
Parents can invite teenagers to run a family competition to rate their passwords. Everyone writes their own passwords on a card and sticks them on a shared board. The group then goes through the passwords of the others and rates them by from one to five. The higher the score, the higher the expected strength of the password.
To help you rate the passwords, you can use a third party Password Strength Estimator here or here. This can be a helpful tool to estimate the strength of your password (however, please note it’s just an estimation).
Add up the scores from the first round. The second round introduces everybody's reasoning and approach when creating them, adding an additional one to five score card, according to the quality and reliability of the approach taken.
Try to strike a balance of challenging children without being too competitive. Be careful with your language so that you are truthful and respectful at the same time to motivate teens to practice critical thinking. Count the sum of scores and after that run the passwords through a password manager to reveal the results of your attempts. Reward the winners and discuss the approaches taken and what you learnt.
Ask youngsters to articulate arguments and explain their strategy in detail. They can use smartphones and browse the web to get some advice on strategy. But afterwards, they would have to show you, the less skillful parents, where exactly they managed to get the advice on the internet. You might get them to introduce you to some trusted pages to go to for advice.
You can also play in teams of 'parent-child couples', learning and bridging the generation gap by using digital technologies at the same time. When talking about creating passwords make sure you give your child enough questions to make them think it through and propose their own ideas.
Teenagers and adolescents love to be considered as mature and savvy. They value sharing their expertise when needed. If you have more adolescent children aged 13 to 18 in the family (siblings, cousins or family friends), then use the variation “children teaching parents”. Play parents and children in specific generation teams. The best version is when there is a considerable age span in a child team which would allow natural peer-to-peer learning while playing against the parents.
As children grow older, parents should encourage them to use additional security measures to protect their security codes. A password manager can safely store large numbers of complicated codes and can use two-factor authentication, which verifies if the person who entered the password really did so.