Authentication is the concept of proving that we are who we say we are. There are three main ways of doing this.

1. Something we know (a password)
2. Something we have (a token or key)
3. Something we are (this gets into biometrics, such as fingerprint scans and facial recognition)

In an age where most people deal with some amount of digital data, keeping that data and information secure is more important than ever. Since options 2 and 3 aren't generally practical on the Internet, we've come to rely on option 1: passwords.

In all likelihood, not very! The following image shows the 50 most commonly used passwords in the world. Do you use any of these?

As you can see, all of these passwords are very simply, and would be easy for a hacker to guess through brute force even if a list like this was not made public. Most of these are simple sequences of numbers, lines of keys on a QWERTY keyboard, or people's names.

How Strong Is My Password is a tool for checking the security of passwords. If you enter in a password, it will give you an estimation of how long it would take a computer to crack it, as well as potential issues with the construction of your password.

Side note: if I were you, I wouldn't enter your real password into this website. It claims to not share your password over the Internet, but you can never be sure.

Here's the secret to a good password: I can't give you any examples, because then they would become bad passwords. Everyone who does this unit would know them, after all! Instead, here are some general guidelines on what makes a good password.

1. Length - while most websites will only require you to have a password at least 8 characters long, a good minimum for proper security is 12.
2. Numbers, symbols, capital and lower-case letters - again, most websites will force you to have at least one of each of these, but in general, interspersing them throughout your password will make it harder to crack.
3. Dictionary words - avoid obvious ones if you can, these are very easy to guess.
4. Substitutions - these can work, but it depends on how you use them. Turning "House" into "H0use" is too obvious, for example.

These are all good things to keep in mind when creating your password. However, the best option, as detailed in this XKCD comic, is the passphrase method.

This method works by choosing four uncommon, random words that don't normally appear in sequence. As you can see in the comic, this method is more difficult for computers to crack, and easier for humans to remember. You can strengthen by throwing in some random numbers between any two of the words.

Some sites require a number or punctuation character, which you can always add onto the end of such a passphrase.

If you use Google Chrome, Firefox or Safari as your web browser, you might see a pop-up like this whenever you log into a new website for the first time. This can make your browsing experience more convenient, as you don't have to remember your password every time, but it can also pose security risks.

If someone gains access to your computer, then they can access your online accounts if you have your passwords autosaved like this. Use these features, only if your computer is secured with a strong password.

Now that you know what goes into a good password, it's time to make one of your own and start using it. Here are guides on how to change your password for your Mac, as well as your Google and Gibbon accounts.

Mac

Google

Gibbon

In Gibbon, simply click on the Preferences menu at the top of your screen. The password-change functionality is right at the top of the page.

With that, you should have successfully secured your digital experience! Stay safe out there!

To finish this unit, record a video with Photo Booth (on Mac) or Camera (on a Chromebook) explaining how you chose your new password (without actually saying what it is!) and submit it.