There has been a lot talk in recent weeks about Apple’s refusal to unlock an iPhone used by a San Bernardino terrorist. Even Google’s CEO, Sundar Pichai, has sided with it’s long time rival Apple on the encryption debate.
This all got me thinking about my own security measures. I like to think I’m pretty security conscious, and I wanted to share the limited knowledge I have with other teachers.
Often I notice teachers log into their devices with a password that can’t be longer than a couple of characters. Considering the high levels of confidential data and emails about students that most teachers have stored on their devices, this is concerning. Sure, it would be nice if we didn’t have to keep this data on devices that go back-and-forth from home, but that’s just not realistic for most teachers.
First things first, test out how strong your password is. If you use multiple passwords, test them all out and see where you stand. Check out How Secure is My Password.
According to their GitHub documentation,
“How Secure is My Password? lets your users know how long it would take someone to crack their password. It also checks against the top 10,000 most common passwords as well as a number of other checks (such as repeated strings, telephone numbers, and words followed by numbers).”
I’m sure whatever result you get from How Secure is My Password, you will be surprised. What’s even more surprising is that an average desktop computer can test about billions of passwords per second. Yes, per second. A quick google search actually yields many ways to hack passwords, meaning someone with some time and motive could potentially get past your password. I used to use what I thought was a very secure password – I took a random word and inserted random numbers inside of it (something along the lines of ca4na6da). Little did I know, this wasn’t very secure (cracked in one minute). There are countless ways to make stronger passwords, but the most useful tool I’ve found is Make Me A Password, which is actually a sister site of How Secure is My Password. A few minutes of playing around with the options on there and copying & pasting the passwords to test their strength gives you a pretty good idea of how easy it can be to make really strong passwords that are just as easy to remember (believe it or not, some people suggest that the only secure password is one that you can’t remember). There are tons of password generating websites out there, even one that promises Unf#!gettable Passwords (language warning) . Try them out, find a better password that works for you.
Many security experts also call for people to use a different password for every single service they use. Despite this, 55% of internet users over the age of 16 (yes, that’s a huge demographic) use the same password for most, if not all, websites. Let’s be honest, many of us teachers have accounts set up on hundreds of different sites and need to be able to access them regularly. From a practicality standpoint, this just isn’t reasonable for most teachers. On the other hand, it’s even more important for teachers since we house so much personal data about our students on our devices. I don’t want to come across as a fear mongering but just imagine if someone got a hold of your password and all the information they could gather. It’s important that we are proactive about this. Luckily, it’s fairly easy to improve your own personal security.
I highly recommend getting yourself a password manager that safely stores your passwords for every site and allows to not worry about them. My tool of choice for this is Dashlane (this is my own personal referral code link that gets you free Dashlane Premium). Once you sign up and install your browser extension, it will start asking you to save any passwords you enter. After a while, it will even give you a security score, based on how strong your passwords are (or aren’t) and how many passwords you use multiple times. Even better, it will automatically log you into any site you go to in your browser (this also works on my Android phone with any app I need to log in to). So, once you have come up with different passwords for each site you use, you don’t even need to worry about remembering them. Another nice plus is that if a site’s security has ever been compromised, it will prompt you to change your password right away. Here’s a nice video overview of all the features.
Honestly, using a password manager has actually saved me time since it will automatically log me in. I value Dashlane so much that I have purchased their Premium version, but there are other alternatives out there like LastPass, 1Password, and KeePass.. I highly recommend trying a few out and discovering which one works best for you and your needs. Lifehacker completed a comparison guide for some of the top options out there.
The first step towards teachers being more secure with data online is through password security. The more you know, the more you can make decisions that will better protect yourself and your students online.
Photo from Unsplash: Thomas Lefebvre