There are two kinds of people in the world.
There’s the kind who use a password manager and have different unique, complex, impossible-to-guess passwords for every website they visit.
And there’s the kind who use the exact same combination of their kids’ or pets’ names for every website they visit.
(FYI: “password123” is not a good password either, everybody.)
For Cybersecurity Awareness Month, the U.S. Cybersecurity & Infrastructure Security Agency (CISA), a division of the Department of Homeland Security, is encouraging more people to try to be the former, and not the latter.
The initiative ties in nicely with what the BSA is already teaching its older youth members: How to stay safe online in part by securing your passwords.
Four things you can do to be cyber secure
The CISA lists four action steps that everyone can take.
- Use strong passwords: Use passwords that are long, unique and randomly generated. Use password managers to generate and remember different, complex passwords for each of your accounts. A password manager will encrypt passwords and keep them secure for you.
- Enable multi-factor authentication: You need more than a password to protect your online accounts, and enabling MFA makes you significantly less likely to get hacked.
- Think before you click / recognize and report phishing: If a link looks a little off, think before you click. It could be an attempt to get sensitive information or install malware.
- Update your software: Don’t delay. If you see a software update notification, act promptly. Better yet, turn on automatic updates.
The BSA’s Personal Safety Awareness videos
The BSA’s current youth members don’t know of a world without the internet. That’s why the BSA includes cyber safety as a core part of all its programs.
Scouts BSA and older youth are old enough to learn about the importance of being smart with online passwords. Just like with everything else they learn in Scouting, building the right habits now increases the chances of them becoming smart, responsible adults.
But one in particular — the digital safety video for the Star rank — covers online passwords.
“This video illustrates how your life can be impacted by simply sharing passwords,” it begins.
Inspired by true events
Yes, some teens think it’s perfectly fine to share passwords, not just for services like Netflix, but for email, cloud storage and other online services that might contain sensitive information.
The BSA’s video tells the story of a young woman who shared her email password with a friend, who in turn was pressured into sharing that password with school bullies.
The bullies then logged into the young woman’s email and sent inappropriate messages to other students that appeared to come from her.
“Since it came from my account, everyone thought I really sent it,” says our main character who, although fictional, is based very much on the kind of things that happen to teens in real life. “I thought it was safe to share my password with my best friend. Now I know you can’t.”
Using common sense with passwords
And, of course, if your Netflix password is also your email password and also your banking password and also your credit card password … well, you can see where this is going.
“Make sure you have a strong password,” our video advises. “Strong passwords have letters, numbers and special characters. Make sure you change them often. And don’t let anyone use your passwords.”
The reason many people choose to use the same password for every site is because it’s easier that way. Long, random, unique passwords, on the other hand, are difficult to remember, especially if you have a different one for each site.
The solution is a password manager, an app that creates and saves all your passwords for you, requiring you to remember only one “master password.” Additionally, many modern browsers will offer to save passwords for you. This is safe as long as your computer itself is protected with a password, and as long as that password isn’t your kids’ names … or … password123.