What Makes a Password Strong?

Prior Knowledge

Students have some experience with logging into authenticated accounts (like websites)


Computers with Internet Access and the ability to get to the following sites:


Who Cares?

You don’t want anybody logging into your accounts but you. If someone logged into your Instagram account, they could post things and pretend to be you, or much, much worse.


Everyone has accounts they must log into for school, social media, games, email, etc. You probably have a username and a password to login. Does anyone ever forget their password? Do you think your password is secure?


I can make passphrases that are both strong and easy to remember.

Activity 1: What Makes a Passphrase Strong?

Direct students to the day one passphrase activity on the site. Allow time for the group members to come up with answers to the questions. 

If a group finishes ahead of the others point them to the additional content. 

TA’s and instructors walk the classroom, if one of the groups has a particularly insightful answer to one of the questions, ask if we can use it for discussion.  

When the groups have their questions completed bring the attention back to the instructors.

Lead the closeout class discussion with some of the groups answers to questions. The discussion should close down with a few points, either write them on the board or put up a slide with the point “In terms of password strength, the length of the password is the most important factor.”

Activity 2: How Can We Make Passphrases Easy to Remember?

Begin by talking about the fact that it is easier to remember a location, image, or event than it is to remember a typical password. For instance, perhaps my (somewhat secure) password to log into my email is c0k3peps11942dog$$ is that more or less difficult to remember than my (very secure) passphrase I was in Iceland in December of 2003 for 4 days. Because I remember my trip to Iceland, that passphrase is much easier to remember, also, due to its length it’s much more secure.

Have the students work with their groups on the howsecureismypassword site to create a passphrase (be sure to tell them this one is not ever to be used) that is highly secure, easy to remember, and appropriate to share with the class. This should only take a minute or two. As each group decides on their passphrase, they write it on the board for the class to see, along with the time it will take to crack (according to howsecureismypassword).

When each group has a passphrase on the board, instructors review the results, and talk with the class about the merits of some of the passphrases.


During the discussion at the end of activity 2, allow the students to begin filling out their 3-2-1 form

Leave a Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s