One day, as I struggled to call up the password for my iTunes account, my 12-year-old daughter commented that she never has any trouble remembering her passwords. Then she began rattling off the various accounts requiring them. As the list grew, starting with Facebook, it dawned on me that I had never talked to her or my 16-year-old son about creating strong passwords and, especially, why it’s so important to keep them private.
Curious, I asked my daughter if she had ever shared her Facebook password with a friend. She replied “no” as if the idea had never occurred to her. However, some young people do share passwords, says Matthew Johnson, Director of Education for the Canadian non-profit MediaSmarts, which helps people develop media and digital literacy skills. “Sometimes teens see sharing passwords as like sharing a locker combination: it’s a statement of trust.”
But Johnson says giving a friend access to your locker — so he or she can leave a note or retrieve a borrowed book — is not the same as allowing someone full access to your Facebook or Gmail account. In that case, an outsider can send messages under your name or share photos or private emails without your consent. It’s called “identify spoofing” and can have serious consequences if, for example, threatening or bullying messages are sent out under a teen’s name.
To avoid identify spoofing, Johnson says young people need to develop good habits and a critical attitude about their online life. Parents should encourage children to think about what would happen if an email in which a child made mean comments about a classmate were to be made public. Young people should also be told not to forward or share hurtful, derogatory or sexually explicit posts or photos from friends.
“Just because someone else made a bad ethical choice by sending this kind of material doesn’t mean you should forward or share it,” Johnson said.
Everyone, from young children to adults, should also know how to create “strong” passwords, which are difficult to figure out by even savvy computer hackers. Johnson suggests starting with a word you can remember fairly easily, but that has a mix of upper and lower case letters, numbers or symbols, something like Ban*na. Then, modify it for each account, by adding on letters related to that account. A Facebook password might then become fBan*nak, with the first and last letters of the account serving to bookend the password. To increase security, add a number (no, not your age!) at the end.
And while emphasizing that young people should keep this information private, parents must grapple with whether or not they should have access to the passwords. For elementary school children, the answer is most definitely ‘yes’.
“Young children forget their passwords,” said Johnson, so parents should know them for both safety and practical reasons. However, as children approach their teens, families will need to re-evaluate. One compromise Johnson suggests is the piggybank approach. This literally means taking a piggybank and having your teen write important usernames and passwords on slips of paper that go into the bank. In an emergency — for example, a parent has strong evidence that a teen is misusing an account — the bank can be broken open. “It’s a way of saying that you trust your teen but that you have their back,” Johnson said.
As more of our lives are conducted online, digital privacy will be a crucial issue for families. Start the conversation now, maybe just by discussing password safety, to head off problems in the future.
The MediaSmarts website contains a wealth of information for parents and children about issues like online privacy, cyberbullying and more. The organization has two educational games dealing specifically with online information sharing: Privacy Pirates for ages 7 to 9 and Top Secret for ages 12 to 14. The games include tip sheets for parents to discuss related issues. Click here to go to the Education Games section of the website.