Making Strong Passwords
Time 1.3 hrs

Difficulty Beginner
Prerequisites IT Policy
Departments Human Technologies
Authors Wren Merrett
Phil Morgan
Groupings Individual
Minimum Year Group None


Passwords are a crucial component of cybersecurity, but many people overlook them or don't pay enough attention. This unit will show you how to create a strong, secure password, and how to change your password for different services and systems you will use at school.


What is needed to run this unit?
  • ...
Cross-Curricular Links
Do not try and force this. What areas of other subjects might this reflect and/discuss language. For IB, links with ToK.
  • ...
Teacher Reflection
What was successful? What needs changing? Alternative Assessments and Lesson Ideas? What other Differentiation Ideas/Plans could be used?
  • ...
Any CC attribution, thanks, credit, etc.

This page requires you to be logged in to access it. Please login and try again.
5 mins

Authentication is the concept of proving that we are who we say we are. There are three main ways of doing this.

  1. Something we know (a password)
  2. Something we have (a token or key)
  3. Something we are (this gets into biometrics, such as fingerprint scans and facial recognition)

In an age where most people deal with some amount of digital data, keeping that data and information secure is more important than ever. Since options 2 and 3 aren't generally practical on the Internet, we've come to rely on option 1: passwords.

10 mins
How strong is my password?

In all likelihood, not very! The following image shows the 50 most commonly used passwords in the world. Do you use any of these?

As you can see, all of these passwords are very simply, and would be easy for a hacker to guess through brute force even if a list like this was not made public. Most of these are simple sequences of numbers, lines of keys on a QWERTY keyboard, or people's names.

How Strong Is My Password is a tool for checking the security of passwords. If you enter in a password, it will give you an estimation of how long it would take a computer to crack it, as well as potential issues with the construction of your password.

Side note: if I were you, I wouldn't enter your real password into this website. It claims to not share your password over the Internet, but you can never be sure.

10 mins
What makes a good password?

Here's the secret to a good password: I can't give you any examples, because then they would become bad passwords. Everyone who does this unit would know them, after all! Instead, here are some general guidelines on what makes a good password.

  1. Length - while most websites will only require you to have a password at least 8 characters long, a good minimum for proper security is 12.
  2. Numbers, symbols, capital and lower-case letters - again, most websites will force you to have at least one of each of these, but in general, interspersing them throughout your password will make it harder to crack.
  3. Dictionary words - avoid obvious ones if you can, these are very easy to guess.
  4. Substitutions - these can work, but it depends on how you use them. Turning "House" into "H0use" is too obvious, for example.

These are all good things to keep in mind when creating your password. However, the best option, as detailed in this XKCD comic, is the passphrase method.

This method works by choosing four uncommon, random words that don't normally appear in sequence. As you can see in the comic, this method is more difficult for computers to crack, and easier for humans to remember. You can strengthen by throwing in some random numbers between any two of the words.

Some sites require a number or punctuation character, which you can always add onto the end of such a passphrase.

5 mins
Saving passwords

If you use Google Chrome, Firefox or Safari as your web browser, you might see a pop-up like this whenever you log into a new website for the first time. This can make your browsing experience more convenient, as you don't have to remember your password every time, but it can also pose security risks.

If someone gains access to your computer, then they can access your online accounts if you have your passwords autosaved like this. Use these features, only if your computer is secured with a strong password.

30 mins
Changing Passwords

Now that you know what goes into a good password, it's time to make one of your own and start using it. Here are guides on how to change your password for your Mac, as well as your Google and Gibbon accounts.




In Gibbon, simply click on the Preferences menu at the top of your screen. The password-change functionality is right at the top of the page.

With that, you should have successfully secured your digital experience! Stay safe out there!

20 mins
Finishing up

To finish this unit, record a video with Photo Booth (on Mac) or Camera (on a Chromebook) explaining how you chose your new password (without actually saying what it is!) and submit it.

Records 1-2 of 2
Unit Students

Shared on 15/03/2021

Shared on 17/09/2020
Powered by Gibbon v27.0.00dev

Founded by Ross Parker at ICHK Secondary | Built by Ross Parker, Sandra Kuipers and the Gibbon community
Copyright © Gibbon Foundation 2010-2024 | Gibbon™ of Gibbon Education Ltd. (Hong Kong)
Created under the GNU GPL | Credits | Translators | Support