Slashdot Mirror
Child-Suitable Alternatives To Passwords?
An anonymous reader writes "Two months ago I donated my old PC to my little sister, who is 7 — I had promised she would get her own computer as soon as she can read and write properly. I then proceeded to answer her questions about how it works, as far as she inquired, and tried to let her make some choices when installing Debian (she can already use GNOME). As I explained password protection and encryption to her, I was pleasantly surprised when she insisted on protection measures being as strong as possible, so that no one else can screw with her computer. She knows that my younger brother has to endure strict parental control software that was installed on his machine without his consent. The significant problem is that she cannot permanently memorize abstract passwords, even if they are her own creation. I talked with a teacher who assured me that this is common at her age. My parents would probably be able to guess non-abstract passwords. What mechanism of identifying herself does the Slashdot crowd suggest?"
I guess picking the right pictures in a list in the proper order would be a good idea....I think I saw something like that posted on slashdot in the last year.
Would a fingerprint reader be suitable?
Teach her to use passphrases, something like 'My favorite food is steak'. This is something that's easy for her to remember and also hard to break just from the sheer size of the password. When she's old enough, she'll figure out how to make hard passwords on her own; just give her a few suggestions about capitalization, numbers and symbols.
Why not try a phrase or rhyme from one of her favorite books that she can memorize (or perhaps already has). Who says passwords need to be single words - In this day and age longer passwords with spaces are supported on every operating system I've encountered.
A fingerprint seems like a reasonable idea. If she's just trying to keep other family members off of it, rubber-hose cryptanalysis is unlikely to become a problem, and she's highly unlikely to forget her fingers anywhere.
ttuttle is a rankmaniac
Why not have her make the password something like "her two favorite toys, plus her age?" Admittedly, this might not be the strongest password in the world, but at least it reinforces the concept. I guess you could always go with something like fingerprint authentication or some other gadget, but in my opinion that's teaching her to trust yet another device in between her and the OS. Not the best habit to get into...
512 MB RAM, 20 GB disk, 200 GB transfer, five datacenters. $19.95/month.
Have her make a pattern on the keyboard that she can remember. I've actually had a number of PIN codes that I didn't actually remember apart from the pattern they make on the numeric keypad.
It is tempting, if the only tool you have is a hammer, to treat everything as if it were a nail. - Abraham Maslow
Use the first few words from a favorite book of hers. Then all she has to do is look in the book if she forgets.
Well, it's either that or recognise that she's a seven year-old and doesn't need strong encryption no matter how much of a nerd her big brother is. No, beating it into her is far more reasonable.
Tell her to make the password the first name of the boy she likes with her birthday after it. She would never tell someone who she likes:-)
Living With a Nerd
Please don't use "umm" or "err" or "erm".
apparently the latest fad is to inject your kid with an RFID at birth.
You can buy a cheap fingerprint reader, like: http://www.amazon.com/Microsoft-DG2-00002-Fingerprint-Reader/dp/B0002WPSB2 and set it up using http://www.reactivated.net/fprint/wiki/Main_Page
I use it for my home computer without problems.
Why on earth should a 7 year old be able maintain privacy on a computer that can serve as a portal to many nasty things?
What doesn't kill you only delays the inevitable
How about a passphrase like '2beornot2be' I know they have less entropy than other methods, but I've always found this to be easy to remember.
I suggest that you make her first name her password and stop subjecting seven year olds to this type of geeky navel gazing rubbish! You've gone beyond dork and are now foisting your dorkdom upon others. Cease and desist!
I would suggest the parents have the root password, and their child can ask them to reset her password when she forgets.
Parents guessing the password of a seven year old is ridiculous, is this a serious question ?
If she can remember a catchy phrase and she can spell, I bet she can come up with a sufficiently obscure password.
I don't think so...
The parents should have access and use that access.
Unless you want to have the finger pointed at you when something not-very-nice happens from her unrestricted and unmonitored access.
No 7yo is able to be responsible for there own safety and well being.
Either "draw" a share on the keyboard and the letters you hit make up that shape or put together some program which takes some combination of shapes and colors to come up with a password. For example:
Types of objects: Car, Box, Plane
Colors: [display 5 of them]
Pick the right combination as your password, etc.
This is not flamebait. I'm really quite concerned that someone believes that a 7 year old should be keeping information from their parents. I don't think a 12 year old should be either, but that's another story.
It's a simple matter of complex programming.
Because 7 is way, way too young to lock the parents out of the computer. Don't get me wrong, I'm all for personal privacy. Maybe if the computer wasn't internet connected, it'd be better, but at her age she needs supervision, and never to be on the internet alone. Erik
a shape is a great way, for example
p0o9i8u - it looks random, but if you type it out, its a zig zag from p-u (And help her remember, its Pu!)
all sorts of shapes can be used, zig zags are best but a circle can be good too- and you can always hold shift for the first/last two letters for capitals etc)
I think a combination of name and birthdate might be suitable. While it would be possible for the parents to know it (obviously this is good), her brother may not. For instance, if her name is Brittany with a birthday of April 23rd, you can do a password of: b0r4i3t0t
Just tell the child to memorize a password already. Anyone capable of using a computer ought to be able to remember a password or two, and indulging anything less is just catering to intellectual sloppiness. I'm sorry to be harsh, but when we make things increasingly easy for kids, we end up increasingly incapable adults.
Seriously, she's 7?!
I have two daughters around the same age. They share a computer that we gave them for xmas. They have their own accounts, with their own passwords and my wife and I maintain the Administrator account. I could not fathom them having an Internet-accessible computer without us having full control over it.
Am I missing the point ? Because when I read:
"My parents would probably be able to guess non-abstract passwords"
it sounds to me like you're trying to keep a 7 year-old's parents off of a computer she uses when they have every right (and reason / responsibility in this day in age) to know what their young child is doing on a computer.
Of course I am all for teaching kids how to be security conscious and protect their private data. But it's a fine balance. Parents need to keep themselves in the loop in order to, you know, be effective parents.
My voice is my passport. Verify me.
Create a random key file on a USB key and set up linux to use the key file as the decryption key for the hard drive. That way, she won't have to remember a password.
Pick a funny sentence, such as "my dad has really stinky feet", and have her use the first letter of each word (in this case, mdhrsf). The result is an funny & unforgettable, yet unguessable, password. :)
Have her take a favorite book, start at a random page (or first page if she only needs to keep family members off.) Read the first letter of each page for 10 pages.
On a different topic, you said one thing that shocked me:
She's 7. I don't know how old your younger brother is, but at some age, it is a reasonable thing for a parent to do. It cannot suppliment for parenting, but it can be handy to insist on a website whitelist, or 2-hour cutoff.
Seven-year-olds shouldn't have the full rights of adults.
Your ad here. Ask me how!
go on u know u want an excuse to buy the hardware
With phrases like "She knows that my younger brother has to endure strict parental control software that was installed on his machine without his consent" and "My parents would probably be able to guess non-abstract passwords" you are clearly trying to undermine your parents. I know that children, though you don't give your age, usually think that they know better than their parents, but guess what: it isn't usually true! I hope that your parents are smart enough to take your sisters computer away if you succeed in locking them out.
For instance, in high school I listened to Tomorrow Never Knows off of the Revolver record by The Beatles nonstop. Since I know every lyric of that song, I might pick the opening line: Turn off your mind, relax and flow downstream Which would render the password: Toym,rafd Not a bad password, in my opinion. You could do the same with the opening line of a book, quote from a movie, TV show or even a line from a poem. All of these things are very memorable and produce hard to break passwords.
My work here is dung.
You are going to set up a young impressionable 7 year old girl with a computer that her parents can't look in on, and law enforcement can't get into? Will it have internet access? More importantly, can her Debian distro run AIM? What is her screen name? Is she available for cookies and ice cream on Tuesday? I'll pick her up at the park when she is supposed to be at school, it will be a secret! So much fun! And I have puppies and candy, too!
I think you mean well but perhaps haven't considered all the ramifications of what you are trying to do.
I am not an expert, mind you, but I would suggest an encryption key, possibly passwordless for now.
Why? Well, you could modify PAM to check for the key instead of a conventional login I believe and then give her something like a USB thumb drive to store the key on. Just have it read from the UUID of the thumb drive so only that one could be used, drop her key on it, and whenever she wants to get in she just has to plug it in. Not such a bad idea though it would still require a little bit of research into modifying PAM behavior.
You could also check out thumbprint scanning if the laptop has one built-in or you do not mind getting one for her to use. Just a few ideas to get you rolling.
"Just a fox, a whisper."
2) Young
3) Computer Geek
Is she single?
The idea that it is reasonable to provide for a seven year old a computer to which no responsible adult has access is simply insane. If my nine year old floated that idea to me the MAC address would be barred on the home router in about two seconds, and all access offsite would be transparently proxied into squid as soon as I brought the appropriate instance on air. Anyone who permits a child that young to have unfettered access to the Internet should be sterilised, and anyone who aids and abets them should be treated equally harshly.
password: CowboyNeal
who would ever be able to guess that one for a 7 year old?
A pass phrase is still too hard for adults and a lot of typing for someone that probably isn't a touch typist. How about buying a usb fingerprint reader? I was thinking smartcard but that'll be too easy to lose.
My friends taught their son to type by setting a password on his computer at about age 4. He would ask them what the password was and they would say "mom" or whatever and sometimes he would ask how to spell it, and sometimes not. By the age of 7 he was picking his own passwords.
That way she has a token that she can easily carry with her (or hide in her room) that will identify her. Bonus points for using a USB key that is brightly coloured or is otherwise aesthetically child-friendly.
Alternatively, consider fingerprints - this may actually have quite poor security, but in this case it's probably good enough. And the privacy issues don't apply in this case (she _wants_ the security and her fingerprint will only be stored on her own PC). The other known problem is that some people don't have usable prints, but this is something you can check.
...like, "My parents are responsible for me." Or, "I live under their roof, so I play by their rules." Or, "My brother is an asshat."
And yes, I'm a parent.
Just set it to something like himynameisjenniferim7howareyou. A sentence simple enough for a child to remember yet complex enough to make it impossible to guess (and nearly impossible to brute-force.)
Of course, I have to question the ethics of locking out a child's computer from her own parents. I can't see any legitimate reason for doing so.
An object at rest cannot be stopped.
The quick fix is to use a defined password (e.g. "Hunter") and have the child change it in a predictable way (e.g. add a 2 at the end.) It's not secure as a random alphanumeric, but it is good enough to prevent casual password guessing. If you want, you could even log unauthorized access attempts as well so that attempts to guess the password get picked up. This is the same method I used to create one of my earlier passwords, and so far, nobody has guessed it (but certain sites don't like it since it didn't contain a number, capital letter, or non-alphanumeric.)
I believe that it is appropriate for the parents to have parental control and supervision of what a 7 year old is browsing and participating when online. this is true whether the child is male or female.
It is as if you are projecting your issues upon your little sister.
Please look within your heart to see how locking out parents physically or emotionally in the long run is inappropriate and will only create angst.
Besides they will simply install windows (or have it installed for them) so they have the parental control back.
Your aim seems to be missing the mark.
And in the end, the love you take is equal to the love you make
How about: LOAD "*" ,8,1
That's all I knew to type on my C64 when I was 5 and wanted to play games.
I think that this case might be a little silly because the parents should have root/Administrator access and the child should have a user account, but there is a real question here: how can someone who isn't able remember a password identify themselves to a computer? For example, in a situation where all of the students at an elementary school have individual accounts. First graders cannot be expected to remember a password, but they do have an expectation of privacy. Or maybe the case of someone who has had a traumatic brain injury and suffers from severe memory loss. Despite the framing, the core question I think still stands.
So basically you want to subvert the ability of your parents' to exert their moral and legal responsibility to raise their daughter by allowing a 7 year old child, one who is not capable of something so requisite as remembering a significantly complex password? Your little sister has no business having unfettered access and control over her computer, and consequently, her online experience. You are irresponsible, probably due to considerably immaturity, and should refrain from interferring with your parents' raising their daughter.
Democrats and Republicans are like AIDS and Cancer, I want neither!
that argues for parental responsibility being the proper way to deal with internet issues and children, rather than an intrusive nanny state
and i agree with that sentiment
but here we have the suggestion that a 7 year old have an abstract password her parents can't guess
uh huh. the opinions of teenaged boys are apparently very worldly and experienced
work through the logical inconsistency, then update your opinion on a 7 year old's right to privacy from her parents
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
you all lose no Score:5 comments rofl
What parental control software IS there for Debian?
one of the main reasons I haven't switched to Linux is the (at least percieved) lack of parental control software...
I would say the majority of non-computer users have trouble remembering really strong passwords (ones that make use of a mixture of letters and numbers and punctuation marks). I find the solution is to rely on muscle memory.
Pick a column on the keyboard and press every key along that line. For example 4rfv. Now hold down the shift key and repeat it. $RFV. So the password is 4rfv$RFV which is relatively strong for most uses but is a snap and simple to remember.
The only caveat is that it's not a password that you can type while someone is watching but then...really nobody should be watching when you type any password. Although, pressing the shift key can be pretty subtle.
Other patterns like squares or crosses work as well.
- JoeShmoe
.
-- I wonder which will go down in history as the bigger failure: the War on Drugs or the War on Filesharing
Something like 3ed4rf5tg (try typing it) or sxdcfvgb should do the trick. Starting with the first letter of her name might help.
...but why on earth would you want to secure a computer used by a 7-year-old girl against parental scrutiny?
Her brother has to "endure" parental conrol software, which seems reasonable to me. If I had a 7-year-old daughter who secured her computer in such a way as to prevent me from knowing what she was doing with it, I'd take the computer away until she agreed to let me supervise.
Privacy is a great thing in most circumstances, but it's not an absolute good. The world is full of terrible things that a kid that age knows nothing about.
If it works on Linux and evil little brother does not unplug it.
There are lots of choices:
-- get a computer with a fingerprint reader
-- get face recognition authentication (not very secure but good enough)
-- put the home directory on a USB flash drive
-- put the login key on a USB flash drive and use a modified PAM
-- get a wireless screen lock/unlock fob (special purpose or bluetooth based)
-- get a motherboard or drive with a removable hardware disk encryption key
-- use a smartcard reader and smartcard authentication
I for one wanted my kids (3) to all remember important information - in cases of emergency or if they got lost etc...
I set their passwords to our home phone, cell phone or home address
Even really young kids can learn to remember those - every time they wanted to use the computer, they would practice that very important information
It didn't take any huge amount of effort for them to remember those 10 digit numbers
Two problems solved with one solution
---- "Logoff! That cookie shit makes me nervous!" - A. Soprano
...she never realized that they monitored her internet usage at the proxy server?
(naturally they would of blocked certain protocols...)
Thanks for your password, I've taken the liberty of moving all the money for your bank accounts to mine.
I'm pretty sure that when I was seven I knew my address and a couple others. If you don't know you're looking for one, addresses have all the key elements of a decently strong password: numbers and letters with a capital. I'm sure in this case it would be more than secure enough. It doesn't need to be a real address, though it could be, I just think that learning it as one would probably help.
Sendou Wave Kick!!
Holy mother of God - what, besides WebKinz do you think your daughter is likely to be up to? And if your Linux box won't run that and Bild-a-Bear properly then she won't like it anyhow.
She's seven years old! Let her pick a password that's easy for her to recall. The important thing is that she's accustomed to passwords etc, not that she understands cryptographic science.
Three Squirrels
Children don't develop certain reasoning and memorization skills until certain ages, not because they're stupid, but because their brains haven't physically developed to the point where it's possible for them to do it. While the age where a child abruptly develops various cognitive skills varies from child to child, an average kid below the age of 12 or so possesses almost no abstract reasoning skills whatsoever.
"School-age children are limited to thinking concretely--in tangible, definite, exact, and uni-directional terms--based on real and concrete experiences rather than on abstractions." Source (yeah, yeah, Cliff's notes, but this is Psych 101 stuff.)
You can't tell a seven year to "suck it up" and perform a task her brain simply can't yet handle. It's completely ridiculous.
Seven year olds love secrets and hiding places. Write the secret password on a piece of paper and ask the user to hide it in a very safe location. As long as the parents have the Administrator or root password to perform parental system audits (possibly only after bedtime), system management and password resets, I see no problem with the parents not knowing what the password is. All this, of course, assumes the parents are able to supervise use according to their parenting style and the child's needs.
"...I was pleasantly surprised when she insisted on protection measures being as strong as possible, so that no one else can screw with her computer. She knows that my younger brother has to endure strict parental control software that was installed on his machine without his consent."
This has me a little baffled, but probably for lack of context. I'll assume that formal legal gaurdians or parents are the agents initiating the installation of the parental control software. If not, ignore the rest.
The concern seems to be that a 7 year old girl should be able to successfully thwart any attempt to protect her by the "screwing" of her computer in spite of what might be a legitimate act by those charged with her care to protect her as a child. If she were 18 (maybe even 16), that's one thing, but taking direct action to eliminate protective policies over a young child from someone who is clearly not the parent or guardian steps over a number of lines, both legal and ethical.
Whether or not you agree with "strict" policies that govern a child that is not your own, it just isn't your decision to make. The fact that it is a computer makes no relevant difference.
Maybe the conversation would more appropriately be with those that are liable and charged with her care rather than trying to subvert it.
This is what I do as well. If you throw in the easy number substitutions, you can generally meet any complexity requirements. For your example, I might use T0ym,r4fd.
Give a man a fish and he will eat for a day.
Teach him to eat and he will fish forever.
She's 7. She'll give up her password for a candy bar, or at the first threat of an Indian burn from an older peer.
Try to hack one of those! :)
From my experience with interactive games children seem to have a much greater ability to store a complex pattern than an adult. If presented with a x long sequence of 8 different colors a child can usually remember up to about 12 easily.
you need privacy even as a child, it's not like a parent has direct access to a childs brain. There are secrets that you should be able to keep.
She doesn't get a "no parents allowed" computer any more than she gets a "no parents allowed" room. Get a clue, man.
Obviously you object strenuously to your parents "techniques", and I have to agree it sounds like bullshit. But you don't help matters by showing your little sister how to hide everything from them. She's as unready for that kind of freedom as she is for remembering a password. Obviously she trusts you, and you care about her (it's not just getting back at your parents, right?). Why not have her let YOU remember the password, so she can log in when you're around to provide a little gentle guidance as to what's appropriate for her young self.
Did you tell your parents everything? I know I didn't tell my mother about the time we found a porn mag in some bushes.
A lot of these answers do not address the question at all. I would think a USB stick with a login script would work. The fingerprint scanner seems like an overtly costly alternative to a password.
She doesn't have to use an abstract password when a psudo-abstract password would work just fine. Come up with a mnemonic for her. Take a phrase she knows like: "Barney is a dinosaur from our imagination". Then use the fist letter in each word. "Biadfoi".
if she knows any songs or verses, or just has a favorite book or cartoon, let her pick phrases from that. Just glue a few words together. It makes for a good long password that no parent will be able to guess.
For better security you may change certain characters to certain numbers. Like "where does your power lie" becomes "where1oes".
As said already: use a passphrase.
Here's one for starters: "my daddy is a nerd".
18 chars long!!!
Ask her to pick three of her favorite things that she knows how to write & spell. Have her use those three items (not words but items, younger minds can grasp objects more than words).
(ie: catbookrose)
Then have her append her birthdate (ie: if June 7, then "catbookrose7"). The odds of anyone guessing the three words plus number is very slim.
LOL, my 7 year old always ends up being the computer expert in his classes, since preschool. But I still think 7 may be a little young to have a personal account and memorizing passwords. In my household, the younger kids share an account with a simple and long password written on a card stuck on the kids' computer. The shared account is just a limited Windows XP account and the PC itself is out in the open in a dining room corner. The older kids have their own accounts at the power user level and I'm the admin. It's not perfect, but since I my own work is done on a separate computer, any disasters are well contained.
To the making of books there is no end, so let's get started
Better suggestion, don't bother stripping anything. This isn't the DOS age. Have her pick a sentence that she'll remember and use THAT as the password. Unless she's the next Tolstoy, she's not going to come anywhere near the limit and since brute force password hacking becomes exponentially harder the longer the password, a sentence is a perfectly strong password for these scenarios.
Just reminder her not to sound it out while typing it.
All you need is the following.
A seporate USB Keyboard a numberpad extenstion can work
A Lathe.
A Wooden Dowle.
A wooden box or sheet metal.
A drill with a bit the same size as the dowel.
Ok take apart the USB Number Pad rewire it so all the keys are in a straight line.
Take the woden dowle on the lathe and cut impressions for all the keys.
Cut out different sections from the lathed dowle so when spun over they keyboard it presses the keys in a unique fassion. Put the modified keyboard in the box and drill a hole in it just above the keyboard for her to put the Dowle key in. and hook it up to the computer. And have her keep the key. That whay when it asks for a password she just needs to put the key in and turn it. And it will type the password.
This may sound a bit extream but the instructions are easer then say getting Ubentu to Run in Parallels.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
Quit posting crap articles like this...this is obviously about a 14 year old boy that thinks his sister needs security from his clueless parents.
Four horrible ideas in one!
Definately, teaching her to use stupid IM/text-messaging shorthand is bad. But far worse is the idea that she should ever get used to typing real information about herself into the computer until she understands the difference between public and private. As a seven-year-old, I can assure you she does not yet make this distinction.
Your ad here. Ask me how!
I use the first letter of each word from a song, for example:
TWOTBGRAR
The Wheels On The Bus Go Round And Round
Enjoy!
I don't mean to offend your daughter, but maybe it's time to get serious with helping her learn. Children are supposed to be able to read and write well enough by age 5.
How about
Barbie
or
OMGPONIES
but make it l33t like:
b4rb13
or
0mgp0n135!!!11!!
Vivin Suresh Paliath
http://vivin.net
I like
I recommend not leaving a seven year old unsupervised in a park, in a house, or on a computer.
PAM USB auth.. Then you can take the smallest USB flashdrive you can find. Then build it into something fluffy and big.
Get a USB barcode reader. Print out a Card for her that has her password as a barcode. Have her scan the card when she needs to login. Heck it can have a name and password.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
Why don't you just use the whole phrase, "Turn off your mind, relax and flow downstream"? Or maybe half of that. It's much stronger, in my opinion, and probably easier to remember/type.
http://www.skullsecurity.org/blog/
> She knows that my younger brother has to endure strict parental control software that was installed on his machine without his consent.
I doubt her parents can even find parental control software that runs on Linux. Unless, of course, they use some variant on the Squid proxy... which can just be installed on the router (they could easily use a PC and a switch as a router) and bound to her MAC address.
If they're good enough to rig that up, social engineering their daughter's password is nothing.
Seven year olds should be monitored by parents. Blah de blah de blah. (Fuck if I'm going to get involved in your intra-family politics; you guys live together, you figure it out.) You've asked me, Anonymous Coward, Slashdot Security Expert Extraordinare for my advice for your client, and I'm here to oblige:
:-)
She's actually got two things going for her:
- Plausible deniability: She can legitimately claim to have forgotten her password in case her parents want to launch a deep investigation.
- Diminished importance: She's a seven year old girl. Nobody will think her possessions or person are important. She should lightly sketch her password in pencil in a dark corner of her backpack. She can hide a backup copy of her password in her desk at school (on a piece of paper, tucked into one of her textbooks). She's unlikely to be searched for a physical copy of the password that only she knows will exist. If a real copy of the password is discovered, it is "Today's Password" for 'her club' at school. (For cover, she should start 'a club' during recess and actually make up silly daily passwords; it's nothing more than a handful of girls acting silly during recess, but makes the perfect cover.)
Now she'll get to practice *real* security.
For a long time, my old room mate used the serial number on his mouse as part of his password. Eventually, he memorized it.
My daughter, who is not yet two, is able to memorize the names of objects amazingly quickly! Maybe you could try having your sister pick out four items in her room and taking the first three letters from those items to make her password.
Bear, Paper, Desk, Window = beapapdeswin
All she would need to remember is which items and which order (and how to spell the words, of course). Sure, these wouldn't be strong passwords, but they wouldn't be easy for a family member to guess either. If someone is going to sit there and crack the password, they're going to get it no matter what she chooses...
Tell her to pick a favourite book, choose a page number she can remember, and pick the first letter of every word from the first sentence on that page.
Salut,
Jacques
of PINK PONIES!
Sig this!
My youngest turns 21 in a couple of weeks. If your sister needs a password your parents can't guess, your parents are doing a really bad job at parenting. A kid that young should NOT be on the internet unsupervised.
And speaking of which, what are you doing at slashdot, kid? I can't believe anybody would let their teenagers go to a place with goatse pics and mcgrew journals! When I was your age I was almost getting expelled for taking a "hydrogen bomb" to school.
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
This is a Debian system. Rebuild kernel w/o module support and the parental controls can be busted almost as fast as they can be loaded.
... and found you had installed a computer with Internet access and given my 7 year old a password protected account, I would format the disk and return it to you. It is not your job to be her parent or deliberately circumvent their wishes.
If you think their methods are wrong. Talk to them and tell them why and what methods are better.
I and yes, I know that makes me sound like a middle aged control freak, but that's because, with a 7 year old, being a middle aged control freak is part of the parents' job description.
write it down and hide it
San Francisco Photographers
You need to stay the hell out of your parent's business.
When you have a 7-year-old, feel free to lock yourself out of their PC.
Kids that age need to know their phone number for their own safety/security anyway, so having to remember it to use the computer is just one more incentive...
I have a seven-year-old child who needs to drive around town in a car, but has problems getting the keys. Is there anyone on Slashdot who has suggestions on how to open, start, and operate a car without keys and otherwise make it so easy even a seven-year-old can do it? Thanks! Signed, A Responsible Human Being
I actually wrote an article about using pass phrases that is a little more in depth than what you mention. It's sitting over here http://www.techemperor.com/2008/02/01/how-to-maintain-secure-passwords/. It's probably a little overly complicated for the original poster since the method creates very bizarre passwords that might be beyond his sisters grasp. But if he approaches it from right way she might get it. I would say introduce it as Decoding your password. She has her phrase, and the she has several steps to decode it the phrase into the password. She doesn't actually have to remember the password, just follow the steps. Then someone would have to get both her phrase, and the steps required to create a password out of it in order to break it. Again, no idea how practical this would be for the kid in question. But I use this method for all of my non-throwaway passwords.
Check out JoshJitsu.info for Brazilian Ji
Child picks one of her favourite songs or nursery rhymes and then a part of it.
Use the initial letters of key words to make a password.
Simple examples:
How Much Is That Doggy In The Window = hmitditw
Reach For The Stars Climb Every Mountain Higher = rftscemh
AT&ROFLMAO
It's a physical key rather than something to remember; set up the machine so if you insert it you are logged on without further ado at the gdm screen or whatever.
I just tattoo bar codes on them and installed a bar code reader
1) Give her a password of 8 astrics: ********
2) Take her favorite book or a poster on her wall and have her name say the character names. Use the name of the odd character. you know, the little one in the back. Parents know the main characters alot better than the secondary ones.
before your are done, talk with the parents.
My kids are not oldenough yet to get a computer. But once they do get one I will have root access to it. I am also considering running snort to packet sniff and report on the activity.
Im a gamer, not a grammer major. This post is full of spelling and grammer mistakes.
"provides a simple solution we ordinarily remember? done!"
or is it a little creepy for a guy to be helping his 7 year old sister avoid parental supervision?
I dont have a problem with kids having a computer, but you shouldnt be doing it behind the parents back. What every system you use, they have a RIGHT to know about it. Even if it is your sister.
I was just starting to play with things like LOGO at her age, and believe me, kids can learn things amazingly fast. I don't think I was exceptional in my computer ability-- I was just exceptional in that I had early access to computers (Wally Feurzig, one of the co-inventors of LOGO, was a coworker of my father's). Just give kids access, and plenty of it, and they're pick up from there. Computers are just so darn cool.
For example, on our TI computer, I would frequently run across "SYNTAX ERROR". This initially shared the shit out of me. I clearly remember feeling like I had made some kind of dreadful mistake. I knew what ERROR meant, but SYNTAX? Sounds bad. So I asked my father. "Oh, so it just means I spelled something wrong?" Once I knew that SYNTAX ERRORs weren't going to kill me, I got a lot more adventurous.
But one of the biggest things for me early on was using the printer. The PDP-11 at my father's lab was hooked up to this great, big daisywheel teletype machine, a DECWriter. Putting that thing in motion (it's like a machine gun!) was pure joy for a young kid. I was inspired by a picture of a dog (yep, ASCII art) that a grad student had printed and left hanging on the wall (the lab was the Astronomical Research Facility at UMass Amherst, ARF, for short. Get it? "Arf!"). I was consumed by the idea of making banners. But also of the idea of making books (they had this three-hole punch that could punch through, like 100 sheets of paper no problem). I was playing then, but those 1337 skillz are still with me today. Ok, maybe not the banners part, but I do work for a book publisher.
Anyhow, show a kid what they can do with a computer, and they'll be off on their own. Passwords? No problem. Make it a game. She needs to copy this sentence out this book. It's a secret. She'll love it.
Tell her anything is possible with a computer. That'll get her imagination fired up enough to get her through the hard parts. It's what's kept me going after all these years.
People pick crappy passwords. Use Diceware (or the password-generation algorithm at the end of the Diceware PDF).
http://outcampaign.org/
That's a lot more typing. I often use a first-letter scheme as described (it's handy for systems that offer password hints, too: "Beetles" [sic] isn't giving too much away for the given password), but I'd hate to have to type the whole thing out every time.
Quidnam Latine loqui modo coepi?
Teach him to eat and he will fish forever. Just wanted to say your sig is awesome. Though I can't help but thinking there's a third part that starts with "Give him a beer...".
Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
If either of my sons tried locking me out of their computers, the machines would end up in the trash. The cure to damn near everything wrong with kids is _more_ parental intervention, not less. Especially a seven year old girl!
There are no webfilters on their machines; just the knowledge that I can inspect them at any time. Just like their closets, under their beds, backpacks, etc... (and they are turning out great, by the way, and actually still like and respect me.)
Just make it recognize only the girl... Her pass phrases should be in baby talk... with goo-goo, gah gah, BAM BAM! BAM BAM BAM !... koo, koo, keh-koo, kah-- gah-- soro soro shitsureishimasu...
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
I said n/t!
ON DELETE CASCADE
I think a secure password is good, but do you really want to shield your little sister from your parents' protection? If she can't remember a good password, do you really think she's cognitively developed enough to discern between someone who wants to be friends and someone who's gonna end up on "To Catch a Predator"? Your ideals of personal freedom don't quite apply the same to someone that young. I would want to know what my child was exposed to. That either means a) only supervised use of the computer, b) some software that prevents things I decide are objectionable from being accessed. Personally, I'm not a fan of using computers/TV as baby sitters, so I'd go with option a. However, if computer use is supervised, what's the point of protecting it from the parents?
Pick a row or column on the keyboard and have them type that. Like "vfr4nji9". It looks obscure, but is easy to remember, all you really need to remember is the first character.
Sheesh. It's a seven year old's computer. It's not going to have her mastercard number on it. Just write the password down for her.
Amazing how hard people can make a simple problem.
Who ever hinted that it was a portal to many nasty things? Maybe all that's on it is her favorite Carmen Sandiego games, and she wants a password so her 9-year-old brother can't play her games, or install his games on her computer? It might not even have an ethernet cable attached to it.
Ownership can be complicated when it comes to siblings, and sibling rivalry. I can totally understand her wanting to have her "space", in a sense, that only she can get to. Didn't you ever have a fort, and only let in friends who knew the secret password, or a lock with a secret combination? It implies ownership and control, and that's an age where you start to understand it and work with it.
MOD PARENT UP++
Hey KID! Yeah you, get the fuck off my lawn!
As a password when I was a wee lad, I used to sing "Marry had a little lamb" while typing out it's corresponding telephone notation on the keyboard numpad. It was a suprisingly effective way to remember a huge string of numbers and symbols. I remember it as clear as day:
Grab a handset and dial: 65456665556**6545666655654
Good luck cracking that password.
And just for fun, here's a nifty grown-up password system I use that ensures an easy to remember password that is different for everything you visit:
1.) Pick a word. - ex: apple
2.) L33t-a-fie it - ex: 4pp13
3.) Take the first three letters of the domain/service you're using and add them somehow. - (ex: slashdot, gmail, amazon)
- If you're visiting GMail, your password becomes: gma4pp13
- If you're visiting slashdot your password becomes: sla4pp13
- If you're visiting Amazon your password becomes: ama4pp13
Now you have an easily memorable password that is different for every single place you use it, yet very secure and garbled.
* For added swank, use a foreign base word.
* You could also disburse your destination letters differently. IE, gma4pp13 becomes g4mpap13
Kids have always had little secret things, this just seems to be updated in terms of technology. I don't see how this is much different from having a locked/secret diary. He didn't say this computer was connected to the internet. And passphrases seem like they'd be quite difficult for someone so young to type correctly. Remembering the fact that she isn't gonna be able to see anything she has typed.
A seven year old with an actually secure computer that not even her parents can gain access to. That's just nuts. And why wait until she can read and write to give her a computer? I can half understand the reading part but writing? She could have been learning to type while learning to write and there is a ton of software for young folks that don't require either skill. Edutainment that uses pictures and colors rather than words. But why lock out the parents? That's pretty troubling.
How is it that one careless match can start a forest fire, but it takes a whole box to start a campfire?
You can't take the sky from me...
I was shocked a number of years ago when I was moving some furniture so the floors could get cleaned behind the beds. There, under my (then) five year old's mattress, was a complete list of all of my (and my wife's) passwords. He had everything (from multiple machines): power-on passwords, logon passwords, email account passwords, merchant passwords--even our online banking passwords!
[No, they were not all the same. Some of them were quite complex, too, like 'ni*45FPN!ng'. I got to play "change-the-password" for a few hours that evening.]
I asked him how he got them: he shoulder-surfed us for every one of them. The reason he had them? He wanted to sneak down to the computer at 3 in the morning and play Spooky Castle.
That scared the snot out of me. Now, I know he may not be the typical kid, but it just goes to show that you really can't be too careful with your passwords.
As to the boy, I started encouraging him to use his powers for good. I teach network administration at an area college, so I started bringing him with when I had to configure the lab. He caught on quick, and was a huge help. He's just over 11 now, and while he's still one of the most tech savvy kids in the house, he has little interest in PCs (that might be a good thing). He'd rather spend time outdoors (even when it's thirty below zero) or with his pet cockatiel.
I use irony whenever I can, but my shirts are still wrinkled...
Something smells fishy here. Is the story submitter really an older brother, or is he a pedophile hoping to groom a seven-year-old girl without her parents interfering?
#DeleteChrome
Leet speak is a great way of "encrypting" passwords to be both easy to remember and hard to guess. And, bonus, your child knows Leet! They'll be so popular! Just teach her the basics and have her set the password with a 1337 version of a word she remembers.
"Just because you're eloquent doesn't mean you aren't a fucking crackpot." -Wavebreak
"She knows that my younger brother has to endure strict parental control software that was installed on his machine without his consent."
I wasn't aware that parents needed consent from their kids before acting as a parent.
Format and Restore will take care of any password issue if the kid doesn't want to hand it over. You don't have to be computer savvy to know how to pop in a recovery disk.
Work Safe Porn
Which would render the password:
Toym,rafd
Whatever she uses, just make sure to tell her not to say it out loud as she's typing it in.
My Best Friend Is Marry, She Live Next Door - mbfimslnd
I actually was just setting up a box at work that I wanted others to have access to (since I had given my 2-weeks notice), and I accidentally left my caps lock key on. Which meant my password ended up being PASSWORD.
Nigh on unbreakable, she is.
Please stop stalking me, bro.
Make a non-abstract password from an easy to remember phrase. Say for example: "My favorite book is The Cat in the Hat" you've have a password of: Mfbitcith add a favorite number, and it's fairly secure and not too hard to remember.
As this girl is seven its fair to assume that in a few more years her fingers will be twice their current size.
It doesnt sound like you bothered to even try it. It might work. And besides, you can always use the "big toe"
You can't take the sky from me...
Teach her to remember a shape or pattern on the keyboard or keypad. For example the one I teach my nephews. Double pyramid = aw3eds.cfthnbv or the "x" = 159753 or number pair= 41q3e5t7u.
If you can teach them a pattern, young kids are more likely to remember that more easily while maintaining abstraction needed for strong passwords.
Seeing the beat down the OP took restores my faith in Slashdot. Nice to see some common sense around here.
There are 01 kinds of cars in the world. The General Lee, and everything else.
"When I was a boy of fourteen, my father was so ignorant I could hardly stand to have the old man around. But when I got to be twenty-one, I was astonished at how much the old man had learned in seven years." -- attributed to Mark Twain
Need a good alternative for kids because they cant remember passwords? use Biometrics.
Let's see if I get this: you're looking for "a child-suitable alternative to passwords" but you install Linux on her PC, because as we all know, Linux is the most "child-suitable OS" out there, right? Yeah, makes a lot of sense; sadly enough only on Slashdot. She's 7, all of here friends are (or will be) using Windows, running all kinds of games and you introduce her to Debian. *Great* move (to answer your question: if you think she'll be able to use Linux, she sure as hell should be able to use passwords, don't you think? Well then. Problem solved).
Dad's wallet. Let her think of her own password to keep her brother out, then hand it over to mom and dad in case she forgets.
She gets her privacy, parents get their child's safety. A simple solution that works for both parties.
In an effort to conform with internet communication standards, please note that the above comment is 100% biased opinion
Unfortunately, I don't have a seven year old girl to hand. Also, after undergoing the relevant testing, I fear my comment may be far too far down the thread to be pertinent.
As a computer repair person, I *INSIST* that parents should ALWAYS know their kids' passwords, even up to 18 year olds.
I hate to break it to you, but your little sister is under 18. Any property that she thinks of as "hers" is really your parents. (For that matter, if you're under 18, anything that is "yours" is really your parents.) I routinely remove passwords from "kids" computers because it is horrible security to let a kid have completely unfettered access to a computer with ZERO oversight. (I'm not saying that the parents MUST "check up", but that they should at least have the possibility.)
Heck, probably the mere fact that it's running Linux will be enough of a barrier to keep your parents out.
Another non-functioning site was "uncertainty.microsoft.com."
The purpose of that site was not known.
sudo apt-get install apg
..., King Clubs, Ace Clubs, 2 Diamonds, ..., King Diamonds, Ace Diamonds, 2 Hearts, 3 Hearts ..., Ace Spades
apg will let you generate secure passwords. Walk her through the program to generate a password for herself.
Now, give her a deck of cards with the cards arranged in suit-alphabetical numerical ascending order:
2 Clubs, 3 Clubs,
Now use a permanent black magic marker to write the password on the side of all the cards. Wait five minutes for the ink to dry. Shuffle. Set the cards in a desk drawer.
Now, she can rearrange the cards to recover the password any time she wants. She can also obscure the password any time she wants by simply throwing the cards on the floor and picking them up at random.
Perfectly acceptable for a kid to have a deck of cards for playing games like Slapjack, Old Maid, etc. Perfectly secure as long as she remembers not to arrange the cards in front of her parents.
.. use a 'pronouncable' password gizmo. Would this help?
For instance, 'carrot' becomes 'C@550t' Being pronouncable lets her use a word (please don't let it be Hannah) that she can remember, though the abstract symbols might challenge her.
Or let her tattoo it on her neck. Just kidding. I'm a troublemaker, you know.
deleting the extra space after periods so i can stay relevant, yeah.
I would venture a guess that the same goes for most of you.
Slashdot's demographic is clearly getting older. Yes seven is a little young (by the time you're 12-13 you should be on your own), but I don't see what harm can possibly come from it if she's properly educated.
"an anonymous reader" = child stalker
"my little sister" = little girl that I've never met who chats with me on the internet
"donated my old PC" = told her how to fdisk and install Debian to get rid of parental control
"my parents" = her parents and/or the FBI
The Slashdot crowd would like to suggest some mechanisms for the poster identifying himself.
You never really know how close to the edge you can go until you fall off.
My son had no difficulty remembering his password at age 6. His password is the name of a piece of decoration next to the computer desk. I won't tell you what it actually is (duh!), but let's suppose it was a cactus - then his password is "cactus". Obviously that won't survive a dictionary attack, but that machine'll refuse any attempts to connect remotely.
cb
Oooh! What does this button do!?
What does she like?
Now is a really good time to teach risk. For example:
What is the risk she will need to prevent someone from logging on at the computer?
it looks like exactly 1 brother.
SO what she needs to do is trick her brother.
Perhaps something like:
IHatePonies.
Our childrens passwords is a pattern they can figure out. So them may not memorize, but the will need to think about it, and if they are stuck we give hints. Our house is different in that we all trust each other, so my son and daughter don't have different passwords. Locking someone out doesn't teach them respect or courtesy.
My children are currently 7 and 10.
Example:
Fathers initials birthrate mothers initials birthrate
FD312GD1121
no, that's not ours.
Of course, you could get her a fingerprint ID system.(Having her fingerprints on file is a good thing anyways). A file you keep.
For PONY!
The Kruger Dunning explains most post on
because you told us all what it was.
What sound do people on rollercoasters make? Hint: it's not Xbox 360.
Are your parents able to GUESS the password? Are you telling me that there are so few words in the English language that a 7-year old know that her parents woud just guess it? How about "bicycle"? OF all the words she knows, when exactly would you guess THAT one? Or how about teaching her to type a word she didn't know beforehand? "windowsill"? Too long? "fork"?
How effective password-cracking parents are we talking about?
what children put in their journals.
Very important thing a child won't talk to their parents about, but absolutely should can appear in journals. Abuse being the big one. Abuse comes in many forms, usually from people you know.
The Kruger Dunning explains most post on
There are ways such as a USB drive with a public key or password file on it. If the drive is present and the file passes diff, then it allows access without a password, if the drive is not, it requires the password. The problem with this is that someone could get ahold of the flash drive or she could lose it.
Another alternative is have an unprotected account (you can set up GDM and PAM to allow someone in by just clicking the face) then have a script she can click to log in as herself with a minimal password.
A third is a graphical password system such as picking an image, or some little puzzle where she has to put in the right pattern. Problem with this is that you would probably have to program this yourself and figure out how to get PAM to use it.
On the ethics of this subject: HELL YES kids keep secrets (even on the computer) from even the most responsible parents. I would argue that if they are not allowed to keep some it results in psychological damage. Even if we assume that this computer is going to be internet connected (which is implied) there are ways on the router level to protect against most of the bad content she could come across without violating her personal computer space. This isn't that different from keeping a diary or a little safe or hiding things under your mattress.
My daughter set up a password on her account.. she was 5-6 at the time. I didn't require it of her, but she didn't want her younger brother and sister accessing her profile.
Sure enough, she was having trouble logging in - she'd forgotten her password. And she was getting frustrated.
She was typing in key after key and I had to ask "are you typing in your password or are you just typing...?"
She stated she was typing in her password, so I had her step aside and sat down. I asked her "okay, what is your password?"
She replied with "Mickey, Minnie, Pluto, Goofy"
I stopped, turned, and looked at her with a slackjawed parent look on my face because I had never taught her about passphrases. I repeated it back, "MickeyMinniePlutoGoofy?" And was stunned when she confirmed it.
I asked how she came up with the password and she told me "You said my password had to contain at least four characters."
She knows her alphabet, but characters, those are in cartoons...
Good security is based upon reality and common sense. Common sense is a function of having common knowledge.
The easiest way would be just to use a thumb reader. They are cheap now and she would have no need to remember any passwords if you want that option.
My way to handle this is to remember something non-abstract as a start and a rule to change it.
Here is a very simple example. I don't actually recommend using this particular one.
"What is your pet?"
"A fish!"
"How many letters are in that?"
"4!"
"What's his name?"
"Bob!"
"How many letters are in that?"
"3!"
"How about using 'fish4Bob3' as your password? Could you remember that?"
Bullshit.
If you're open about it, then the idea that there is automatic resentment is just bullshit.
If you're open towards them they will react to your actions with equal force in the opposite direction by being just as open towards you.If you make yourself the dictator of the house, however...
You can't take the sky from me...
I just think this seven year old is just so sweet! ...wants strong encryption at 7 hehe. I have 5 kids of my own (Commodore 64 years) and now grandchildren.
The fact that she wants this privacy is screaming that the parents are control freaks.
To those who would bemoan that she is going to do or view all kinds of terrible things on the net and cover it up? hello? she's 7. I do agree that she needs to make a contract with her parents to NOT get involved with My*whatever* until she's old enough to look after herself in this regard.
I don't envy parents during this "age".
Crow.
This topic fails at life...
For example: G3, up-right, 7 = l0P3n4f. I even let them post this matrix on their desk. One person put a highlighter dot on her starting point, but that still leaves too many possibles for a easy crack to the intruder sitting at her desk. The only real threat (since the building is secure also) is the greasy smudges as people run their finger over their password.
Sample matrix: not perfect, but keeps the employees kids off their computers
_ 1 2 3 4 5 6 7 8 9 10
A d x 9 C c x 4 Y f x
B 6 e x 4 B j x 4 N q
C x 8 m x 9 Z n x 0 W
D t x 2 p x 3 Q q x 9
E p x x p P x 8 G v x
F 0 t x 0 w a x 6 A c
G % 5 l x 7 i q x x Z
H a $ 7 l x 4 d g x 6
I t x 3 N r x 3 a f x
J x 7 x x 4 I b x i D
disclaimer: actual matrix is larger, x's used to bypass
With that said, it's good to have a list of ways to make secure passwords. Here are a couple that I've seen (some from this discussion):
- Use a favorite phrase, something like: nosoupforyou!
- Use the first characters from a sentence, "to be or not to be, that is the question?" would then become: tbontb,titq?
- Use a pattern on the keyboard, something like all the the outside keys on a qwerty keyboard: qaz]'/
- Pick two words, put 'em together, and add an exclamation point: passwordredbaran!
Anyone else want to add some methods for coming up with good passwords? I think we all know some adult that could use some help coming up with a strong password!Indeed... they actually recommend the first letter scheme at work.... personally, I am a linguist and I prefer to use an entire phrase from another language. Case in point, a few years back, after surviving a round of layoffs, my password came due. I picked Japanese to be the source language, and transliterized it into the Roman alphabet, substituting numbers which sounded the same as some of the syllables, and ended up with "Yasa4katta!" as my password. Most of my coworkers didn't speak Japanese... I'm at a new company and none of my coworkers speak Japanese (didn't survive the *next* round of layoffs 2 weeks later
Now I'm not suggesting that this 7-year old is going to be learning another language just so she can have a secure password... that's kind of like swatting a fly with a Buick: it'll get the job done, but there's much easier ways to do it. But maybe she should learn some of her favourite words in the foreign language or a couple of sentences and use those? Even something utterly basic, like "Je m'appelle killerbob", would probably offer the degree of security she wants... the idea being that if it's in a language other than the one the person who's trying to guess it is expecting, it's going to be much harder to guess. I could even tell you outright what my current password translates to, and you'd still have a hard time guessing which language it's in, and even if you did guess it, you'd have a hard time figuring out how I've misspelled it/which subsitutions I've made and which I haven't.
If you believe everything you read, you'd better not read. - Japanese proverb
Take your kid outside and stop showing her your "GNOME".
Find a cute icon picture for her login name, one with an animal (like a pony) and then have her give the pony (etc) a "secret name". That name is the password.
Children can remember names, even annoyingly cute manga names.
This makes the password "concrete" for her but as long as she doesn't share the pony's name its secret enough.
When she wants to change her password, you should help her change her icon as well.
This will work within the framework of the system you already have without any odd hacks or add-on software.
Innocent people shouldn't be forced to pay for inferior software development.
--"Code Complete" Microsoft Press
I'm guessing the monitoring software the parents installed is Windows-only in the first place, so the password will only matter until the parents see that the operating system isn't Windows, at which point they'll be reformatting the hard drive for a fresh Windows install.
the best way to help your younger sister would be to immediately kill yourself so she doesn't have to go through life as the biggest tool in the world's little sister.
Haven't read through everything, so I apologize in advance if this is redundant:
1) Graphical passwords (might be easier, fun for yougner ones) for authentication. Example: PassFaces (http://www.realuser.com/). There are many options in research, however, I don't know how many of them have a downloadable product.
2) As already mentioned, a fingerprint reader might be a good option as well.
If she used something like keepassx then she would only have to remember one password... But honestly, if I was her parent I'd just as soon confiscate her computer than mess with trying to figure out the passwords...
What about a Bluetooth proximity token? That way she has it but mom and dad can too...
Cybex
She is 7 years old, her parents have every right to control her computer. It's called parenting, something that is greatly lacking now a days.
* Store nothing of value on the computer itself.
* Use an Ubuntu Live CD to do all your computing tasks.
* Save all important files to a USB drive; have it hide it as well as her diary.
No passwords needed, but keep that USB safe!
A flashdrive with a keyfile on it combined with a simple password would be the best thing for a person who cannot remember strong passwords. Just have her keep the flashdrive with her at all times. When she can start remembering strong passwords, you can switch the simple password to a strong password.
---- Liquid was a patriot ----
You can use USB keys for authentication. If the machine is for one person alone, make a small modification to the utilities used for setting and entering passwords, so that when you set up a password, you enter a hint, and when you enter the password, it shows that hint. Use the OPIE module and assemble a OTP calculator with the password built into it. The screen gives a number, you type it into the calculator, which gives you a different number, which you type back into the computer.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
You know you're a nerd when you make 7 year olds use Debian and make them worry about security. Here are a few things that anyone normal with some common sense would be able to tell :
- She doesn't actually care about security, you made her care.
- She doesn't actually need any passwords for anything (really, not a single thing), besides to "protect her" from her parents, which is an absolutely awful and irresponsible thing to do anyways.
- It's maybe not necessary to ask her to actually decide whether she wants to use KDE or GNOME, or any other such choices, I mean it's not necessary to ask her to chose anything when she'd be better off having you chose what's the best for her.
- Debian, really? Why not NetBSD or Gentoo while you're at it? I'm sure you can't wait for the day you show her how to get package updates from the command line using aptitude. What about you put Windows on it and install whatever child friendly environment thing there is out there?
Oh no wait, she's not just any 7-year old, she's a Slashdot nerd's sister, which means she just has to log herself in with a 8 characters long password that looks like kP6$jh@i and that her files must be encrypted and her e-mail encoded with a 2048 bit PGP key. By all means explain her everything about asymmetrical keys before she turns 8! Just excuse my bias, my first computer had Mac OS 7.5 on it, not Slackware.
You just got troll'd!
As the parent of two children currently aged 6 and 7, I must say there is no way I would ever let them have unfettered access to a computer that I could not monitor, especially if it were online. Parents are held responsible for what their kids do at this age and are responsible for their protection. Any attempt to bypass parental authority is extremely dangerous and short-sighted. If some 'kind' family member had donated such a machine to one of our kids it would be removed immediately until I could prepare it myself and ensure it was safe.
Our kids are very computer literate and do have their own computers that are set up in a 'school' area. I sat and watched my son (aged 7) one day without interrupting. He started playing Civilization IV(his favourite game) then after about 40 minutes saved his game and opened a web browser, went to the LEGO website to play one of their Mars Mission flash games, shortly thereafter he was on Google searching for Mars Mission LEGO items and ended up on EBay where he would quite happily have signed up and then bid on some attractive LEGO items.
Who knows where he would have ended up if left unmonitored for a few days.
I do give the children their own sign ins...and every few days I change their passwords to new words and give each of them a simple clue. They don't get to use the computer again until they solve the clue and learn to spell the password!
I truly, truly hope the kid who posted this question, with requirements of "My parents would probably be able to guess non-abstract passwords", is 11 years old, and not 25.
Creepy.
One example many more possibilities:
... the "X" crosses at "f and F".
..., and to recall the first character-position to start the pattern is very damn easy. Never fits a crack-dictionary and is as easy to recall as a birthday+name/word.
....
4rfv6tfc$RFV^TFC, the visual keyboard-mnemonic used for this password was "X" start at "4" go to "v" THEN "6" go to "c" THEN repeat with shift-key depressed
The pattern (simple patterns are cross, diamond, circle, lines// -or- \\) is personally selected, no need to write down, is very easy to recall, and quickly entered
Very the length or pattern according to personal and website requirements. For bank/inv accounts have one pattern and very start-*, for yahoo/google
!HAVEFUN!
Unaccountable leaders are masters, and unrepresented people are slaves. How do US and EU fare?
for nearly 20 years I've used a method that allows me to make complex passwords, but is easy.
First letter of each word of a sentence.
Ring around the rosies, pocket full of posies"
IE - Ratr,pfop
As she ages, she can mix it up. A naked "a" in a sentence becomes an @, the word "to" becomes a 2, the word "tree" becomes a 3, etc...add extra rules as she can handle them. But to start, she merely needs something that isn't just her name. Set it to allow for multiple letters, not need 1 each of 4 types of characters. Just mixed case should be enough, as long as the password isn't dictionary based.
"Mary had a little lamb" => "Mhall" is actually quite complex enough (assuming she doesn't have ssh running...) to sufficiently protect against a console-based attack by PARENTS. Have a timeout between password attempts. Have the timeout increase with numerous failed attempts. So on, so forth.
Something like a2d1eTH^Ji#o%ll! (which is the result of the newer scheme I've used the last few years, and is likewise easy to remember) is completely, totally, silly and unnecessary for a child's PC. Just disable any inbound connections, and deal with login failures on the console intelligently.
You can't take the sky from me...
Just going out on a limb and making a wild-ass guess that the 7yo is learning the secretive behavior from her older brother. Your parents should be involved in everything she does and then allow her graduated privacy as she demonstrates that she is trustworthy enough and intelligent enough (ie shows good judgement) to deserve it. Also, allowing her to make mistakes falls into that, it is one of the ways we learn, the parents' role is to try to limit the scope/consequences of those mistakes.
You can't take the sky from me...
You may use a USB pendrive and PAM-USB: http://www.pamusb.org/
They are scale invariant and every scanning technology developed is also scale invariant.
They'll detect features based on the features in relation to themselves and to the fingerprint, not to any raster artifact.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
Children (definition varies per state) do not have the legal right to give consent to anything.
Why use 'password' when you can just use '12345' coincidentally that's the same combination i have on my luggage.
If i had one dollar for every brain you dont have, i would have $1.
...there is something to be said for biometric security. I run Fedora 8 on a Thinkpad and I love its fingerprint reader. It saves time over having to type a 12 character root password. You could probably look into a USB fingerprint scanner, as it would be relatively secure but would leave nothing to memorize.
Fear the penguin.
In my experience, the issue has been siblings and friends. For example, my daughter (then age 7) told her friend her Club Penguin password, after which her friend told it to her older sister, who logged on as my daughter and got her temporarily banned for cussing. Tweens will also want to, e.g., keep private diaries where they write down their feelings about the Jonas Brothers, and know that their siblings won't have access to them.
As far as parental access ... both my kids have $200 ubuntu boxes in their rooms. They have accounts with admin privileges, and so do I, but I never need to use my privs. They ask me for help when they need it.
I make sure they habitually apply security updates. I've explained how to pick passwords that are not vulnerable to dictionary attacks, and I don't know, and don't need to know, their passwords. Even if they don't pick completely secure passwords, it's not really the end of the world, because we're behind a router.
I suppose a lot of parents are worried that their kids will connect with child molesters online. I think that's a sad commentary on the level of parental paranoia, and on people's inability to evaluate risks properly. Statistically, the big risk is getting hit by a car, which you deal with by teaching them to look both ways when crossing the street.
Find free books.
Many kids at that age are kinesthetic learners. So, associate a password with a sequence of motions she can put her body through.
For instance:
small jump = j
big jump = J
run in a circle = o
touch your nose = n
touch your ear = e
touch your knee = k
count to 5 on your fingers = 5, etc, etc.
So... she may be able to remember "little jump, big jump, count to three, touch your knee" very easily. After she "performs" her password a few times, she'll know it forever. Especially if you can associate it with a rhyming game.
My kids started having passwords at about that age, maybe even younger. It was never a big issue, and of course their early passwords were things like "horse" or whatever. Not only was that enough, we did try to cultivate respect for each other's accounts, and I don't remember (or was not aware of) any of our three kids surreptitiously hacking each other's accounts. We would have considered it a typical punishable offense along the lines of fighting with each other or deliberately damaging each other's property.
Their passwords evolved into having non-alpha characters, and they do occasionally change them. They are now in mid to late high school, and passwords and such are second nature. How secure are they? I don't really know, but I suspect they are not much more or less secure than those in the wild. Passwords are but one tool in digital security, and it is an ever bigger and rougher world out there.
"As I explained password protection and encryption to her, I was pleasantly surprised when she insisted on protection measures being as strong as possible, so that no one else can screw with her computer." You've just got to be joking. "She knows that my younger brother has to endure strict parental control software that was installed on his machine without his consent." Right, because he should have the right to surf porn and chat with a 57 year old male child molester when ever he feels like it. And so should your sister! Good job in being the older brother and keeping her safe! Way to go there sport! How old are you?
That's the password to my luggage!
I love that song. Just flat out love. It's one of the best of the Beatles.
Let me guess, all of you are yankees ? If your raise your children that way and were yourself raised equally authoritarian its no wonder that you keep voting for the continuation of your fascist totalitarian theocracy - after all its what you are used to from home.
The OP is trying to secure a seven-year-old's computer from her parents. That's nuts -- no responsible parent is going to let that stand.
Our 15-year-old doesn't have unfettered access to the Internet or her computer.
The basic rules on our house are simple:
I can hear the younger set already getting their feathers ruffled, ready to reply about how fascist this policy is. Let me pretend for a moment that you're my daughter, and give you my reply:
Besides... although I keep a careful eye on her activities... it is not as airtight as I could make it. If she really wanted to, she could find ways past it. And if she put the effort into it, I'd even be proud.
"SpaceBalls, the password!"
http://www.thinkgeek.com/gadgets/security/91a2/
excerpt
The Mandylion Password Manager is a secure, convenient and cost-effective device built specifically for generating and protecting your passwords. Tested and matured for 3 years in real warfare environments, it is now available for commercial use. Built as a small keyring device, it can securely manage up to 50 logins, safe combinations, security codes, etc. that can be individually generated to meet the composition requirements of any login policy. Passwords can be any length up to 14 characters or namespaces. It can create passwords based on your settings for various criteria (such as length, alpha-numeric, special characters, etc.) and prompt you to change your passwords at preset time intervals (90 days, 1 year, etc.) Also, all data is stored in permanent memory, so it is unaffected by battery life or loss of power. Tamper-resistant features have been employed both inside and out, making the device a superior choice to storing passwords on your PDA, PC or worse, writing them down.
My son was using the computer since 2. When he reached 3, I got tired of typing it every time and since he already knew how to type in his username but could not remember his password, I just wrote it down on a small sticky and stuck it to the keyboard. It works most of the time. Occasionally, he mistypes something. He frowns, then tries again. If after a few attempts he can't figure it out, he comes and asks for help. But it saves me from having to type it in every time.
Unauthorized access doesn't seem to be much of a problem. He always asks before he uses the computer, TV, or Wii. His account is locked down anyway.
Sir,
Respecting the curiosity of the child is important and I am certain a general principal of feeding the curiosity of children is recommended.
You obviously have a brilliant child here, and likely more than one. However, my advice is to discontinue allowing the child to connect with the computer or any video source for more than one hour per day. Help the child come into a more full understanding of themselves and their personal faculties before continuing.
Why?
Because as with my own children, I find it's more important to help them find themselves as fully as possible. Video of all kinds is a distraction to this process, based on my research. In fact, it's generally an impediment to self-discovery in an experiential way most particularly.
The glaring indication of this issue is the inability to remember the passwords she creates. Based on this fact, there are more fundamental matters of focus for the child to tackle in terms of exploring personal creativity and more. Computers and video in general emit dead charged particles at us. We make up the rest. Teach her to find her creativity as fully as possible within herself. THEN explore greater mediums in which to express this known self.
Let the horse and cart be properly assembled. Let personal development manifest as growth in harmony based on well established INTERNAL foundations for the individual. Once someone can find themselves within, it becomes possible to feed their unfolding discovery processes afterward. If we do this, they'll always be able to feed their own curiosities. If not, we continually comes AT that individual who doesn't know themselves, trying to inspire their creativity and the person has difficulty knowing their own passion because they are not rooted inside.
May peace be yours.
Make her two accounts. One with Internet access but with 'password' as password so your parents can have access to what she's doing online. Another without Internet access with whatever strong password methods you find here. Don't teach her about deleting Internet histories and changing passwords as she's really too young to have unfettered Internet access.
Alternatively, just burn her a puppylinux cd. Young girls like puppies.
My brother 7 years old at the time learned to type pepperoni pizza, "howdoyoustartthisthing", and several others...they were all cheats to Age of Empires.
Of course the question is what kind of parent lets their kid cheat!
i think in the future when someone asks me what i mean by ridiculous theory grounded in zero real life experience, i shall refer to your post above
dude: you seriously have no idea how real human behavior works. oh i'm certain you think you do, but by your post above, you are revealing yourself to be a young naive college kid with a lot philosophy textbooks under your belt but absolutely no association with the expectations and challenges of your average family household... in any country, in any era of human existence
you are expecting human beings to behave in ways no human being has ever behaved. hardly the basis to comment intelligently on the subject matter
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
except the lyrics is relax and FLOAT downstream
I know that all our tongue prints are different right? How about a capacitive tongue print reader with a candy coated disposable wrapper? It can pick up their "prints" as they lick. Sour apple flavor not recommended, as it might cause excessive salivation.
There has been a lot of comments that as parents are responsible for children, they should be able to completely monitor what they are doing.
I believe that is completely and utterly BS. I could go and make comparement to governments being responsible for their citizens but many people here still objecting the idea that government would be given full access to logs and info of everything you do on your computer or have there regardless of your permission or you even knowing about it.
Parents protecting their children shouldn't need to be using control or they are doing something wrong. If a child is told not to give out personal info, described what it really means and explained why not to do it, they won't. Even if they are 7. Just as they don't go with strangers if they are explained why not to.
Children aren't really half as dumb as most people seem to think. "Oh no, s/he will be traumatized and turn into criminal and be abducted by pedophiles and everything else if s/he gets to the internet alone! The Fox News said so!"
Really, there are several problems with parents monitoring their kids.
The main problem is that once you start, you might not know when to stop. I'm not strictly against monitoring a child's internet behaviour when s/he is 7 or even when s/he is 9. I do however when s/he is 12 or more but if you have monitored the usage for five years, how do you know to stop? How long do you plan on monitoring that? Untill s/he is 12? 14? 16? 18? And how much?
I started playing actively online when I was 11. Not my first times online but with Operation Flashpoint (for anyone interested 7 years ago), it became about two hours per day. That led me to more online gaming, MMOs (well, runescape at first), messenger systems, online communities, which led me to roleplaying and IRC...
By the age of 13, I was very active on IRC, spending many hours per day there. Well, practically all my time aside from what I spent at school, sleeping or out with my friends. I played some Vampire: The Masquerade with very... Interesting people, very violent and descriptive texts (and no, it didn't warp me mentally, I'm a pacifist), lot of racist comments (didn't become that either), pictures that would make mr. goatse cry... I also started giving out my personal details, meeting with these people, etc.
Now, some would say "But that's what I want to keep my children away from!" and I know my mother would have done something if she knew a small proportion of what was happening. But she didn't and because of that, so many awesome things happened.
I met some awesome people, I gained some of the closest friends I have ever had (and still have them), due to those people my originally geek's low self-confidence got boosted to a lot better, I had loads of fun, a few times I was helped in school works (I propably passed my junior high's swedish AND german due to a certain girl on IRC and due to the same girl got the best grades in my class in religion, ethics, etc.), I gained a pet that I love (one of the girls there raised parrots...), my whole choice of what to do with my education and career warped completely (to better, I earn some nice cash as a webmaster and PHP slave while still studying more), my finnish skills in writing essays and stories got a lot better, I actually found my current (for some months only so far but hopefully will be a lot more) girlfriend in there too...
And none of this would propably have happened had my mother monitored what I do on my computer. Instead my parents just chose to teach me a little about it and how to act and trusted the rest for me to take care of.
And if I hear the argument "Glad it worked for you because you were lucky but so many wouldn't be! I can't take the risk!". Hell, as a parent you NEED to let the child take risks. You let them take risks when you let them out of the door. Your job as a parent is not to take care of the risks but to teach them to take care of them. I know I would possibly have died or gotten some brain damage at one incident with bicycle as a kid but it is great my parents had told me to use the helmet even though I hated it...
So, at 1 year old the child is not potty trained. Does the parent respect the child's right to privacy by not cleaning his diapers?
Of course not. That would be ridiculous. At that age, the child is not sufficiently developed to be safe with that much privacy.
So when does the parent start respecting the child's right to privacy, and, more importantly, privacy in what domain? The privacy to be left alone in the bathroom is different than the privacy to stay out late at night without telling the parents where the child is.
There are many different kinds of privacy, and they each require different levels of maturity before a person is safe having them.
The parent has the authority to decide when his/her child can be trusted with any particular kind of privacy. The parent MUST have this authority in order to be legally accountable for the child's actions (which all parents are.)
When people say that a family is a dictatorship, they do not mean that the parent rules every aspect of the child's life all the time. They mean that the parent gets to decide the rules, and that's that. The rules may include various levels of privacy and freedom...the parent picks those as he/she goes along. Not only is that how it should be, that is how it is, whether it suits your personal tastes or not.
Some parents don't do a very good job of it though...letting their kids get into all sorts of trouble...and in turn motivate the government to start passing laws to "protect the children" and raise our children for us.
Stop giving them ammunition to use against us. You want any freedom at all? Embrace the dictatorship and encourage parents to take responsibility.
- 'Keyboard Character Runs': e.g. '0okmju76tfc'
- For children a mix of their name and birthday, e.g. '23Pen2001', Assuming the sister's name is Penny, and she was born on the 23rd. of some month in 2001.
OK Neither is exactly secure, Ophcrack will do it's deed in minutes, but it's for a child's account for goodness sake. Mum or Dad will, correctly, always have access the account because they will have either a boot CD or the root password. For my piece of mind, I'd probably protect and monitor Internet access for a child of 7 with both ntop and Dan's Guardian on the firewall. 'Penny' should be made aware of those facts because "That's the deal".That's a great approach that I use. Another is anagrams. Say her name is 'Abigail Masterson.' Rearrange those letters and you get something like 'gas abnormalities.' Now, you take that, strip out the spaces, and rotate through option-shift key combos. So you hold shift-letter, then option-shift-letter, just the letter, repeat. You password looks like:
GÅsAnOmAÒiTeS
Well sorta. Slashdot seems to be having trouble displaying much beyond 7bit ascii. But you can open TextEdit.app and type it out to see it. Even if someone saw your password, they couldn't remember it. Now, take that same theory, and use someone else's name because your own name is so obvious. Passwords like that are easy to remember but REALLY hard to break because of the special characters generated. Plus, you literally couldn't *tell* someone your password if they asked for it. You only know it by typing it. Should work for a seven year old as long as your anagram doesn't have really big words like 'abnormalities' ;-)
Oh, and to the parents who are complaining about not being able to snoop on their children: Might I suggest learning how to use your computer. The network traffic is most likely unencrypted and so is the drive. If the child is old enough to figure out how to lock you out of her computer, she's old enough to take care of herself online. Unless you are, like so many parents, proudly computer illiterate. In that case, leave the machine in the family room and use one shared account for everything from login to email. And since it's shared, you can keep an eye on her, just like she can keep an eye on you!
First I would like to remind everyone the topic, this is about a way for a kid to have a password, not an ethic discution about whether or not to allow it. So my suggestion would be to go for something that is childish.. why not try a song. Just as we use sentences to create password, you could work on a song that would remind her of the password. I dont know.. something like: Mary had a little lamb it was white with green spots Mhalliwwwgs Its kinda easy to remember the song and make a password of respectful lenght.
You could do what an elderly friend did: put something next to the computer that will jog her memory. She could put a small teddy bear on the monitor and use "Teddy Bear" as the password, or "Brown," or "Fuzzy," or the name of the bear, or whatever attribute she liked. Or there's the old "dictionary trick." Write down a number like 14-5, meaning "Page 14, fifth word." (Of course, she'd have to remember which book.)
but your 7 year old sister most certainly should have parential control software on her PC. Anything else is irresponsible. She won't like it, but I wouldn't like my 7 year old viewing 2girls1cup.
Aside from the password-computer issue, am I alone in being slightly worried that a seven year old can't read or write 'properly' (whatever the poster's definition of properly is...)? I guess by that age they should be able to read most things (whether they understand what they're reading is another matter) and they should be able to write! Not properly developing these two essential skills seems like a good way of putting the child at a severe disadvantage later in life.
An application could represent a Combination lock, letting the user to select its personal combination, including letters and numbers. It is the same principle as the passwords, but perhaps it's easier to learn because it can be tied to a real object that you can even show to your children.
It's all bad parenting when kids do whatever on their computers.
But 7 year olds should secure the machine so that their parents can't monitor their computer activities.
Something doesn't compute here.
Did you at least set the computer up in a "public" place - i.e. where the parents can observe the activity directly since they can't monitor? Or is it hidden in her room so she can chat with all the pedophiles and then you can blame the parents for not controlling and monitoring her access to the computer?
To all those saying this is a bad idea, IMHO you're wrong. For one, it entirely depends on the child how much supervision they need. When I was eight, I was logging onto IRC and asking questions about the kernal(sic) jump table entries for the commodore 128 I had in my room so I could mess around in the ML monitor. Was I supervised? No. Did I have "root" access? Yes. (This was when Win98 was new. Real authentication? Yea, we'd be happy with memory protection.) I was the one that set up the damn dial-up connection. My parents are grandparents now, and with a gun to their head would not be able to set up PAP authentication without oral instruction.
Secondly, parental control software is shit. If your child needs supervision, supervise them. Buying software to do your job as a parent for you is a failure in itself. You're protecting yourself more than your kid. Not to mention, most people install this crap on their kids' computers, don't bother decently setting it up, and just set it to the default of filtering everything possibly offensive. One of the categories of possibly offensive material is FINANCE. Why would you filter curiosity? What does it hurt for a child to understand mortgages?
My point is, if this child is mentally capable and the parents are oppressive for the sake of laziness, they deserve to be locked out. She deserves the freedom to learn. Yes, she might get on MySpace or Yahoo Chat, or any of the other million crap sites that infect the internet, but she also might be on wikipedia looking up the beetle she found in her back yard, or on m-w.com looking up a word she didn't understand in her favorite book. I'm sure the OP knows what level his little sister is at. I'm sure he knows the situation much better than you or I, and he's asking a simple semi-technical question, not for a morals lecture. Oy.
Given that the parents are both responsible and liable for their daughter, the original poster is in error in trying to keep the parents out of the equation.
I agree 100% with the previous posts that say the parents have a responsibility to monitor their own children's PC usage. It's the same way with anything. At the child grows and show greater judgment and responsibility they are given more trust and privacy. It's an irony that the children that most rail at the lack of privacy are often the same children who haven't earned it.
One thing I don't agree with is the statement that a 7 year old with a personally locked down but not internet connected PC is no more at risk than a kid with a pen and paper. What's to keep the older sibling that sees nothing wrong with a 7 year old locking out her parents from secretly installing a WIFI card to the 7 year old can access the internet through a neighbor's access point? What's to prevent the 7 year old from using her PC to copy music CDs or DVDs and distributing them to friends. That would expose her parents to possible copyright litigation. What's to keep the 7 year from using the privacy of her room and PC to author content she shouldn't, burning it to CD and using a public PC to post it to the web?
Yes the 7 year old should be able to lock out her older siblings. That is fair and understandable. Her parents need to have access, even if they never do. And if her PC is to be connected to the internet, then she should have "strict parental control" software loaded.
My $.02.
I think we've safely established that locking parents out completely is just not going to work. I suggest you talk to her about some things.
She seems to be security-aware, which is something that you ought to support. However, I don't think you're teaching her the right lesson. Security is far more than simply encrypting secrets.
First, analyze threats. She seems to fear imposition of parental controls, and may also want secret correspondence with friends.
Now, create appropriate solutions. If she wants to visit a site blocked by parental controls, your local public library likely offers Internet access with fewer restrictions. Parents will rarely say no to a request to go to a library. There she can probably get access to most things that aren't outright smut.
Next, tell her that your parents can easily intercept e-mail even if everything on her machine is encrypted. Then, instead of introducing her to something like GPG, work with her to develop a simple substitution cipher, then covertly give your parents the knowledge to easily decrypt. If her friends don't like the cipher idea, then suggest that the secret simply be whispered in someone's ear while off in a secluded corner of the schoolyard during recess.
Lastly, tell her that the key to independence is knowing when you need to divulge secrets for your own good. If I, for example, angered the Russian Mafia in the course of secret business dealings, I'd head straight to the cops. Likewise, if her secret is that some adult (or even another kid) is hurting her, telling people can make it stop.
I love encryption, I really do. In this case though it just seems to be for the sake of antagonizing parents, which is never a good idea. If she's serious about real security, she should like the suggestion above, and everyone should be happy.
If she just wants to assert herself against parents, then you have an opportunity. Become her friend by introducing her to flimsy, aptly-named "kid sister encryption." Tell your parents she found it on her own. Give them the means to crack it. Tell your sister they found it on their own. Everyone's happy, and everyone likes you.
Balance makes everyone happy.
Use a combination of her favorite spelling words and her age. Then you can change her age to get her in the habit of changing her password. An example would be "Ilovemom7"
I'd set the computer up for auto login. and Internet access would be whitelist only.
Is that you're an asshole with a vastly inflated opinion of his own intelligence.
I suspect your parents are to blame for that, so I say we need to reject whatever they did with you.
It fascinates me to see people like you openly advertise that they're poorly adjusted social imbeciles. Fuck you don't even realize that what you're posting is ridiculous, but you expect us to give a fuck about your opinion?
I'm not trolling you kid. I'm serious (and you ARE a kid, save your stupid fucking protests) your posts reek of post-adolescent maladjustment, and every time someone tries to tell you, you cover your ears and shout "Mary had a little lamb", doing nothing but proving them right.
It's time for a REAL insightful observation. Your world view is idiotic, and most of us realize that by 4th grade. It appears to be taking you a little longer to outgrow high school reason and logic.
I read it as the girl wanted to keep her brother out as he has all these restrictions on his machine. I would assume the dad has an admin account on the machine and would be able to do / check out what ever he wanted.
If the government talks about having access to the data of the citizens, /. throws a fit. But talk about letting the parents have access to the children's data and /. in general seems to think that's the only acceptable choice.
Hm.
There was a time when a 7 year old would already be learning a trade and be married by 13. We infantilise everyone and then act surprised that they grow up to be giant children. How about instead you teach the 7 year old about the dangers of talking to strangers, about the really really gross shit on the internet, and then maintain an active interest in their computer use - just as you would ask them about what they learned in school or how they're doing with soccer practice.
And for those of you who say my comparison is junk I ask you this: At what age should a child be before parents should stop monitoring the child's computer use? Either you won't reach a consensus or you'll come up with a number that frustrates most kids and helps almost none. Not unlike a typical government policy.
What's wrong with that?
[...]
Because when somebody is so damn certain that they're right they can cause themselves and others a lot of pain and trouble when it turns out they weren't. You should listen to yourself, you've answered your own question.
When a person's zygote merge with another, they don't suddenly become infallible, and a child that has not yet been out of the womb for the arbitrary number of years decreed to be the time at which they magically become mature overnight should not be submitted to the oppressive rule of a person who's sure they are always right and who will deny the child any say in the manner in which their life is being run.
You can't take the sky from me...
Wrong.
Wrong.
3 times in one post, that's a whole lotta fail.
You can't take the sky from me...
she could make a password out of a silly/memorable phrase.
for example: "there once was a man from nantucket" becomes t1wamfn. or thonwamafrona. or eesanmt, if she's good at spelling.
Revelation is a superb password manager for GNOME
That's the combination for my luggage!
Translation: "Hi, I'm trying to undermine my parents' parental authority as they raise my sister, please help. I'm probably also one of those people who, after reading a news story about children doing something bad/horrible/inappropriate, am the first to scream 'Its the parents' responsibility to keep track of what their kids are doing, not society's.' I do not see the irony in this."
As a parent with a six year old child, if I wasn't able to monitor what he was doing online (e.g. I don't know his password) I would promptly remove the computer from his possession. It sounds like the submitter is trying to find a way to help his 7-year old sister get away from parental oversight. This is a 7-year old child. A child not old enough to, "permanently memorize abstract passwords, even if they are her own creation." No one should be helping in this endeavor. If anything, kids this young need more parental oversight while using a computer. Now if they're trying to prevent an even younger sibling from using/messing up her account that's one thing, but this sounds like kids trying to lock their parents out.
You HAVE to lock the parents out, or they might spend all the child's webkins points or WoW gold..then what does that kind learn? 8 hours a day of goldfarming for nothing!
that's all
ascii art
Abstract passwords for people who can't remember them:
1. Use a password based on a keyboard pattern. For example, starting at "1" and moving down and across the keyboard produces "1qaz2wsx3edc4rfv"
2. Use a normal word but with the "alt" key held down. For example "carrots" becomes "çå®®øß"
3. Use a combination of the above. The first example with "alt" held down produces "oeåß#ç®f"
(Some of the odder letters in the last two examples may not show up here).
To reiterate a point some others have made, though - if the computer has an internet connection there's no way a 7-year-old should be using it unsupervised. Her own non-connected computer can be password protected and in her room, but the family net-connected computer must be in the living room with the screen fully visible and only usable when a parent/guardian is home.
emo tool.
just still a developing child yourself.
Sounds like you have some bias
seriously fucked up
Cheers.
You can't take the sky from me...
Have the child pick a number, 0-9. Let's say "7". The child's password would then be "7ujm&UJM". This is not my password.
Notice how this password is simply the 7 key followed by the 3 keys beneath the 7, then repeated holding the shift key.
Alternatives could be "7890&*()", "7654&^%$" or slightly more complex patterns like "7ui8&UI*". This way the child has an effective password and only has to remember a single number and a simple shape or pattern. Even if the child forgets one or the other, it could be determined in a handful of guesses.
If you ask people 20 years after their teens, they will most likely say they didn't know as much as they thought they knew at that time.
If you ask people 20 years after 30's, they will most likely say they didn't know as much as they thought they knew at the time.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
1) You can attach a cheap USB fingerprint scanner like the one from APC -- froogle shows low price range of 30-40$$. That should be fairly "unique"...
:-)
2) She can encrypt all her files (which will be tied to her login password -- the USB scanner).
No matter if brother hacks her computer, he'd have to guess her password to decrypt the files.
If anyone changes her login password (or clears it), the files won't decrypt.
Might be a good idea to create a separate USB-keyfob with a backup of her encryption
credentials in case someone changes her password. Theoretically, I think, a 2-password
system can be setup so parents ("Administrator"s) could unlock her account and read the passwords.
You may need XP-Professional to use some of these features.
Might also be a bit of overkill.
Does she have a favorite book? How about the ISBN? Not a likely password to be going and guessing!
What ever you do to lock your parents out of the computer won't stop them from booting a livecd or connecting the computers harddisk to their computer and doing whatever they want to do.
What I would do is have her write down the password in a private spot, like a log book. you could also hide the password in a login windows image or a text document. Saving the password in a file called .temppw (or something like it. the '.' would make it hidden and giving it a temp name would make most people ignore it.
That post just hints at all sorts of family-dynamics problems...
Why not work in vocab learning? Write a program to randomly generate lists from a dictionary of words. Every time she needs to change her password, have her learn the spelling and definition of 15 random words. Her password would be two or three of the words in some order. Whatever she can handle. To help her remember, she can create a weird story that integrates the words and their meanings in the order they need to be used. She can also carry the list around as a guide (recognition vs recall memory).
If the list falls into the wrong hands, there are 210 possible combinations for a two-word password. There are 2730 combinations for a three-word password. That should be sufficient to keep parents out long enough for her to begin working on a new set of words for a new password. (I'm assuming someone she trusts has root access to help her out if she forgets... Also, single-user mode in the boot menu should be disabled.)
Learning vocab is something she has to do eventually. At least this way, she can be motivated by (possibly) enhanced security against her parents. Maybe her teacher can be convinced to give the class an ongoing extra credit assignment. The kids all get a different set of randomly generated words. When they want to cash in, the teacher picks several words from their list that they have to spell and define. The extra-credit scheme could then be used as a cover story for the extra words the girl is learning for passwords.
Solution: Install netnanny-type software, controlled by the parents. If the kid can break it, she's smart enough to deal with what she finds.
You're forcing your 7 year old sister to use Debian? You sick, sick, little man.
Here's a suggestion: she can lock out her parents when she's old enough and smart enough to figure this stuff out herself.
I actually admire anyone who can use Linux, especially at age seven! She seems like a genius if she can do that! If the girl is able to maintain her computer and care for it properly, there's no reason for her parents to care what she does. I think she has displayed great presence of mind and is aware of the dangers of the online world. The parents should trust her to use her computer properly. I don't admire authoritarian parents who think they own the kid and everything he/she owns. Yes, they're responsible and have the right to spank if a kid acts up. But how would you feel if someone could read your every email, IM and text message? Would you want that done to you? Parents, please treat your kids the way you would want them to treat you if the positions were reversed, because there will come a time when they will be.
I charge forward recklessly, leaving chaos in my wake.
She's installing her first nix OS, trying to remember her first abstract password... *sniff* they grow up so fast.
Fingerprint readers? Crypto strenght passwords and pass phrases? What the fuck?
What does a 7 year old have to hide exactly? Give the girl a simple password. Better yet give the whole family a common password, and teach them not to snoop on each other. Yes the will break the rules occassionally and this is when you step in and teach them that it's not nice.
Until the girl has her own financial affairs. Bank accounts, phone bills etc. she doesn't need to lock anyone out. As for private diaries, contacts and the like parents shouldn't be snooping or opening the files without the child's permission! They should be asking the kid to show them the files and the child should know that's one condition they have for using the computer.
These posts express my own personal views, not those of my employer
I already know you claim that you have some knowledge of child development, you claim to be over 20 years of age, and you claim to be financially independent. While the other stuff may be condescension, the pivotal point here is the "knowledge of child development".
What knowledge of child development do you have?
It's a pretty important question that only you can answer, especially if you want your comments to be taken seriously.
...yellow number five, yellow number five, yellow number five...
i think in the future when someone asks me what i mean by ridiculous theory grounded in zero real life experience, i shall refer to your post above
dude: you seriously have no idea how real human behavior works. oh i'm certain you think you do, but by your post above, you are revealing yourself to be a young naive college kid with a lot philosophy textbooks under your belt but absolutely no association with the expectations and challenges of your average family household... in any country, in any era of human existence
You know, you always have the most condescending attitude. Rather than going off like this about how I *obviously* have no clue what I'm talking about, why don't you instead just tell me what's wrong with what I said? I did my best to anticipate what your objections would be; either point out how I didn't address those problems sufficiently, point out new problems I overlooked, or STFU, cause otherwise you're not saying much other than "nuh uh" and calling me a stupid kid. Real mature of you there, oh wise elder one.
I may not have children myself but I've supervised children plenty often (I used to teach children's TaeKwonDo classes; I was once a teacher's aid for a 6th grade class; and I currently work as in a child-centered family therapy clinic; not to mention all the immature little snots on the various internet forums I administrate), and I've found that they respect you (and thus do what you ask of them) a lot more when you treat them like small human beings, rather as than animals that can speak. Obviously if they're going completely berserk, doing harmful things and not listening to reason about it then force is justified, just as it would be against an adult; but "not doing what I said" is not in itself a bad thing, nor is doing something which might influence them later to do bad things itself a bad thing. Those are tantamount to arresting people for resisting arrest, or criminalizing activities incidentally associated with criminals (c.f. the War on Drugs).
you are expecting human beings to behave in ways no human being has ever behaved. hardly the basis to comment intelligently on the subject matter
"People don't do that" is never a valid retort to "people should do that." Of course nothing ever runs as cleanly as it should in theory, cause people are broken. No political system is ever going to work flawlessly so long as it's flawed people who are implementing it, no method of dispute resolution is ever going to work perfectly so long as one party can be a stubborn ass and sabotage any attempts at resolution... so of course sometimes parents are going to be driven insane by their kids and fail to treat them justly. Of course it's going to be *really damn hard* to do this all the time, just as it's really damn hard sometimes not to punch some asshole in the face for giving you a hard time. But that doesn't mean that it's OK to just wail on anybody who pisses you off, and it doesn't mean that it's OK to treat your kids like the subjects of your own little kingdom. It just means that you're not some kind of monster for occasionally doing so; it's still wrong, but it's an understandable human failing. Nobody is perfect; but we should still always strive to be.
Incidentally I'm having one of these theory-practice breakdowns in my own living situation right now, with me in the "parent" role. I share a house with three other people (Santa Barbara housing costs are hellishly expensive), all of them younger than me. I have only three, very simple needs to be happy with my living situation: (1) I want it dark and silent by midnight at the latest, since I have to get up and go to work early every morning; (2) I want the place to stay about room temperature, around 70-73 degree Fahrenheit; and (3) I want to be able to walk through the living room and kitchen, sit down on the couch, or cook a meal, without having to step over or move a bunch of other people's junk around. I think these are all very reasonable requests, but none of
-Forrest Cameranesi, Geek of all Trades
"I am Sam. Sam I am. I do not like trolls, flames, or spam."
You can't take the sky from me...
Of course the question is what kind of parent lets their kid cheat!
more importantly what kind of parent lets their kid play second rate RTS games like AoE when perfectly good C&C, Blizzard, and Dune2000 games are plentiful and cheap.
I've been reading all the posts, and for the most part I agree with the "I wouldn't dream of giving my daughter unfettered access but I think that it needs to be a communication/trust thing." I have 2 daughters, 10 and 12, and for the most part, they do what they want online, and my method of "checking" was to teach them a long time ago, don't hide things, it will only make me more curious what you're up to.... and then when I find something I don't like them seeing, talk to them about it without freaking out on them. so far, it's worked... But there's something haunting me with the way the poster posed his questions that leads me to wonder if the parents are practicing some rather brutal parenting methods. I grew up with a mother who used everything in my life as a cudgel to beat me with -as if growing up a geek wasn't difficult enough! It may be that the brother is simply trying to give his sister some breathing room -though I think the attempt is misguided. If the parenting skills in that house are so bad that he feels he can better educate and protect his sister than his parents can, then child protective services might be more appropriate than a debian box.
100% Troll
What part of that was a prank comment intended to provoke indignant (or just confused) responses. A Troll might mix up vital facts or otherwise distort reality, to make other readers react with helpful "corrections." Trolling is the online equivalent of intentionally dialing wrong numbers just to waste other people's time.???
You can't take the sky from me...
50% Flamebait
50% Overrated
How was that like comments whose sole purpose is to insult and enrage, if someone is not-so-subtly picking a fight (racial insults are a dead giveaway)?
I was replying to someone who was attacking me, I'm not the one picking a fight here.
You can't take the sky from me...
He was trolling, and I was certainly not just making comments whose sole purpose is to insult and enrage, I was replying to someone doing that to ME. I was giving a short reply to see if I was feeding a troll or addressing a sentient being, the moderator totally misjudged this thread, and the attacker proved to me that he had no intention of having a rational discussion.
You can't take the sky from me...
Don't just use a single password.
What would be more secure is possibly a biometric ID (fingerprint for instance), or a physical device like an authentication token or one of those $5 USB sticks -- and the one with the right serial number and key stored on it must be presented normally in addition to the password.
Or perhaps a second password, so two passwords must be known. Impose a suitable delay after each failed password attempt.
The second password could be written down in a secret place that only the legitimate user(s) know about. The second password could be a harder password (since it doesn't have to be remembered).
Make the login prompt cryptic. For example, if a USB stick needs to be plugged in, don't tip the user off, what they need to do exactly (Don't display "please insert USB stick," instead display "Please prove your identity").
Allow the user to mix and match auth methods: I.E. presenting the right USB stick and a second easy password might be one option. Presenting the _hard to remember_ third password might be a backup option, if the USB stick is lost.
There should be an easy-to-use GUI to register a new USB stick as the authentication token and an option to invalidate prior ones; maybe a way to register one USB stick for user access and a second one for root access.
Mommy and Daddy want to install nannyware and have done so in the past? Don't interfere, let Little Sis pick a password that she can remember -- maybe the first letter of a sentence or other sequence she can remember -- and count on the fact that it's NOT WINDOWS to deal with the issue.
If the parents know enough to force nannyware onto a Debian box, they probably know enough to get around the password protection. More likely they'll download some Windows software and be totally mystified why it just won't install.
Mal-2
How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.
I think I remeber having an old Mac II when I was a kid. I took it apart a few times and put it back together(and i worked), that how I learned about computers. The computer rules in my house were as followed: Dont touch dad/moms computer Dont touch sisters computer If dad brings a computer home from work that you can play with, dont hurt yourself. Of course that was years ago when the only time i went online (AOL) was to download shareware games for my computer. It seems weird today that kids are given more or less the same computers there parents have. I think I got my first x86 system when I was 12. anyways, I think that whovever AC needs to let there parent be parents. I wonder what the girls teacher said when he explained why the sister needed to memorize complex passwords.
Are you the 7 years old little sister? That's one hell of a social engineering you do on slashdot!
If you delay pleasure infinitely, the pleasure will be infinite. (YM)
Sheesh... why limit kids? If it's your home computer, then patch login so it shows the characters as you type it, and have her use a passphrase. Surely she can type "Mary had a little lamb"
Simple as that.
I have two solutions if your little ones are paranoid about being spied on. Either give them a knoppix disk and a thumbdrive to keep all their important files with them at all times, or give them total control over their machine...
Like: http://www.achatz.nl/catalog/product_info.php?cPath=3&products_id=38
It might not be the best and fastest, but its damn good... Give it enough time, code, and wire, your girl could do most anything.... Build a chip for sd cards for storage... Figuring some way to connect to the world wide web.... It'll be like getting a UGO into the grand prix and winning... And in this case, less is more... You still need to spell, and the most of the memory included is in the users brain... Nothing like building your own machine to give a sense of accomplishment...
3 degrees of separation from Vladimir Putin
Obviously the fingerprint scanner would allow updating the reference print. The trick would be to do it before the recognition rate (I am sure it wouldn't be a sharp transition between accepting and not accepting the print) got too low.
Why would an anonymous person older than a seven year old want to keep the seven year old's parents out of the seven year old's computer?
Yeah, whatever . . .
A lot of comments on here assume the following points...
1. The parents always know best.
2. The computer will be hooked up to the Internet and the kid will get hit on by pedophiles.
3. The brother is not acting in his sister's best interest.
4. The sister has no right to privacy until age 18.
Countering these points...
1. Parents are not infallible. I know a guy that would get toys that his deranged mother would purposely sabotage (cut cords; remove parts). Or if you want a more innocent note, the parents may not even be savvy in computers, and mess it up themselves. Let's get absurd and have them delete solitaire because she might not do her homework: I have managers at work ask me that when their workers get bored.
2. A computer does not equal Internet access. Obviously the parents control this aspect just by finances, unless the brother rigs up wireless and a neighbor doesn't lock down their router.
3. A brother is asking questions about computer access and security from an almost academic level, as well as his own experience it seems. He deserves answers: not comments about being an "asshat" from people we can all assume would be old enough to be his parent.
4. If the parents are requiring parental control software, at the very least they're worried about content on the Internet (see point 2), if not the Internet itself. It doesn't have to be porn either: religious Internet filters flag crap as "occult," regardless of it actually involving something academic or "evil magic spells." Parents who micro-manage their children have a right to, but it should damn well be discouraged: one of the things I've seen on here is that a healthy sense of trust needs to exist in the family, and I fully agree.
I do find it funny that a lot of people on this site argue for privacy, yet would be more than willing to let government intercept their communications in the name of security. Show the kids your own closets and logfiles, or don't complain if grandpa or the police come over to ask for yours.
Life is irony, and nothing ever goes as planned.
On Slashdot, you have to use car analogies to make your point.
If you say "My Corolla has a four cylinder engine" and he says "Bullshit, my BMW 3 Series has a six..." etc, etc.
I believe that if people think about how they raise their kids that there could be much better ones out there. Too many parents go only from the gut, making all their decisions based entirely on emotion and not actually stopping to think what kind of example, what kind of prejudices they're setting for and instilling in their children.
;) )
A pre-teen should not get unfettered net access, any more than any other freedom they aren't ready for. I think that at that age you should have access to some privacy, but not complete privacy. I liken this to giving a child the freedom to play in the back yard, but not letting them out on their own unsupervised until they understand what's involved. No software based solution is going to be good enough to properly do the job a parent should do while their kids are online. There is absolutely no substitute for your own parental guidance, unless you have a co parent.
One option that would solve the submitters dilemma would be to give the child the keys to the computer, but the parents or himself the keys to the router, so to speak, and supervise the child's internet surfing. This could be accomplished also by having two computers, one in the bedroom that has no net access, and one in a public space that does, but is restricted. This gives the child the ability to write, think, create and do homework (except homework that needs research, obviously,) and be able to gain privacy slowly. (Unlocking the router for suitable periods of time, for instance.) The only trap here is that you need to, at some point, take the training wheels off and let them explore on their own.
I also, on the same topic, don't believe in giving a child an "Order" without a concrete reason for doing so. The reason doesn't have to be something they like or agree with, but there should be one. Even saying, "I don't believe is a good idea, and I am worried about you." is a thousand times better than saying, "Because I'm your and I say so." Nor do I think doing things to your kids simply because you have the right as a parent to do so is a good idea. (My stepfather once accessed my private bank account, withdrew the $300 I had in there from my part time job, shut it down, and never gave it to me. This wasn't a punishment or a restriction, he just did it because he could.)
At some point, you need to let your children make their own mistakes. Teach them as well as you can, but if you have screwed up as a parent and they are 16 and unprepared for the world, you have to face the fact that if they don't learn their lessons now, while they're under your roof, that they will learn them once they leave home. If you're not free to make some mistakes and learn about life when you're a kid, you'll learn those lessons when you're an adult, and have it a lot harder.
Raising kids that are mindless sheep, that will obey every whim of their parents without question, and have no sense of their personal rights, is a not a good thing. (Or at least, unless you're a rabid fundamentalist that doesn't believe adults should have those same rights.) I'm not saying that we should let our kids run wild in the streets, I'm just saying we should teach them right from wrong, maintain the trust that is crucial to being a decent parent, and let them have freedom, privacy, and the ability to make some mistakes that they can truly learn from, as opposed to being kept weak and sheltered. Your job as a parent is as a mentor, a guardian and a guide. not a judge, jailer and warden.
(This turned out way longer than I first intended, so I'm posting it as a new comment rather than as a reply to any one person. Sorry for wordiness.
This is ridiculous. 7 year olds don't need that kind of privacy. Their parents have the right to know what they're doing on the computer.
First thought if the computer is connected to the internet at all I would not not have the parents have access although anything that she can remember her parents would be able to figure out that said I would use a series of images I can still describe my grandmothers house that I have not been to since I was 4 and I am now 21.
At age seven, it's also possible that she's really worked up about passwords and security because... Dad is. She might want to please Dad and she might value what Dad values. So... "how will she identify herself?" What an excellent and profound question! She might be mirroring Dad and where exactly is she in that er, equation?
At age seven, my daughter has her own system with no password. It's not right or wrong, just how we handled it. At age twenty, she's been using passwords now for about five years, mostly to keep her friends from junking her laptop up with viruses (one rebuild was enough).
Pick your battles, big guy. There are far more important things to instill at age seven than er, paranoia, if you can take a friendly suggestion on that. And- good luck. Daughters are very precious and the time goes very fast.
I really don't see the problem if the computer has no internet access. Anyway, this guy asked for solutions to his problem, not parenting philosophies.
-angelique [not all those who wander are lost...] j.r.r. tolkien
While I commend her in being so geeky and security conscious at such a young age, her parents *should* and absolutely, positively *have to* be able to monitor and limit the time she spends on the computer and the activities she can perform there. It is an absolute no-no to allow a kid the use of a computer unsupervised. Find an adequate authentication mechanism (Lunix should have some kind of pictogram thing or graphical thingumabob to allow her in without much head banging on her side and still keep the computer secure while giving her parents full access to the machine to oversee her time on it)
Anyhoo, my 2 cents.
"USERS OF THIS SYSTEM HAVE NO REASONABLE EXPECTATION OF PRIVACY IN THE USE OF THIS SYSTEM. Unauthorized use may subject violators to criminal, civil, and/or disciplinary action. All activities and data entered or contained on this system may be monitored, intercepted, recorded, or captured in any manner and disclosed in any manner. Potential evidence of crime found on this computer system may be provided to law enforcement officials."
:)
That is from a (US)government system, used (or at least intended to be used) exclusively by adults. All my systems banner something very similar, and being that I'm a child-hater I know there are no minors logging on. It is a time-honored right of the sysadmin to monitor that which they manage for any use they may deem improper. If you are using a system you don't own end-to-end, you may as well chuck your expectation of privacy out the nearest window.
While I am 1000% against crapware like NetNanny and its ilk, even I - a bleeding heart pinko commie libertarian unamerican son of a bitch - have to say I agree wholeheartedly with thynk. His/Her attitude seems (at least to me) to be the right balance between trusting your kids and keeping them safe without draconian restrictions.
Above all it is the parents' responsibility to proactively monitor their children and protect them from the big-bad-world to the best of their abilities while simultaneously preparing them to deal with that same world (eg. "write me a paper on avoiding internet stalkers and I'll let you have a Myspace account.").
A parent has every right, and every duty, to violate their children's privacy in the course of meeting those two objectives - Although it's best to exercise some discretion in the process
/~mikeg
Parents: the internet is not a nanny.
How about getting the kid to play with playdough, building blocks etc. Studies show much more educational benefit for this playing with building blocks than on a computer.
Engineering is the art of compromise.
I think you should go with a longer but more simplistic password style, I was 5 when the contra code was my password, the classic (up up down down ...), you could do any thing such as shapes or pictures but this will be easy to remember and hard for the parents to guess, as we would try to hack this style in a concise matter ... were a child's password could be very random.
Too many comments to see if this has been covered - but how about a cheap fingerprint reader. I will not add my 2 cents worth on parents/kids/privacy . . .
Hope is the worst of evils, for it prolongs the torment of man. -- Friedrich Nietzsche
I had an idea for porno password almost 7 years ago. Why not click on the right picture sequence, in the right areas as your password?
- Kaos games and encryption systems developer
Actually the theory that this is why kids stop speaking to parents sounds pretty solid to me. Not all children are the same (profound, I know). Assuming you have this "give us the password or we take it away" situation, there are plenty of kids -- especially, young, gifted, socially awkward kids -- who wouldn't grasp this as a choice and would just sadly give up the computer. I sure wouldn't have figured out that the adult sincerely intended it to be a choice. Maybe there would be a lot of tears, maybe they would shut down and withdraw, maybe they would be bitter and spiteful.
So _oh god yes_ it's important for parents to be clear about what the deal is at the outset -- e.g. "you can have a diary on the condition we can read it". Maybe the kid wouldn't keep a diary under those circumstances, but at least you haven't set up expectations and then broken them. I certainly never kept a diary, and it never occurred to me to do so, because of the actual lack of privacy inherent in being a kid (at least before computers were available). In fact, I never did much of anything creative as a kid -- I can't imagine how different it would have been for me if I could have had complete certainty no one was watching. When someone was watching, like at school, I just tried to engage in the same activity everyone else did. I think in kindergarten I drew pictures of rainbows and flowers every single day when we were supposed to draw things, because I just never got my head around the concept that doing anything else was an option.
So you have to ask what it is that you hope or intend for her to get out of this computer, and ask whether she will as a practical matter get that with a computer that effectively isn't hers. And you absolutely cannot assume that she will grasp that a computer she doesn't completely control is something she can think of as "hers" -- some kids decide early on that it's clear from how their parents act that _nothing_ is theirs, and they are just holding it in trust for their parents. My mother expressly tried hard not to let me fall into that and was only somewhat effective (but probably was way better than her mother, and so on back).
(When I say "don't assume stuff about kids", a big reason for that is that kids don't necessarily recognize adult behavior as being motivated by incorrect beliefs about what or how the kids are thinking. I tended to assume adults had excellent reasons for doing things but were either incomprehensible or just mean, and it rarely occurred to me that asking questions was an option. I was a strange little kid, but not stranger than lots of my friends, and you can never assume any particular child isn't bizarre in some way you can't predict.)
Trust is a huge deal -- if you breach it, some kids won't realize that giving you a second chance is an option. I was _really_ not complicated enough at 7 to grasp the idea of second chances on something like that -- I would just never, ever, trust the adult again. To be fair, like many gen-xers, I'm not sure I ever acquired a clear working concept of trust in the first place, and I had a near-ideal childhood with a family who was in no way abusive or repressive. And giving a kid a computer with a backdoor or spy software on it is a huge indignity. I would not assume that the girl in the original post is thinking about _anything_ beyond her personal dignity. I think it would be _wayyyy_ better to let her have her own, secure computer, learn to be a good sysadmin by herself in her room, and forget the Internet access until she's old enough to be trusted without monitoring. I don't think anything good can come of monitoring software -- it's not about boundaries, it's about whether or not you and your kids are on the same side, and whether they perceive your actions the same way you do. You have to come off as sincere, and even the best-intentioned of adults don't always realize how badly they suck at sounding sincere.
When your kid doesn't believe you are on their side (IME at some point or another
Why aren't there more kids posting to this thread? What's wrong?
Saying the kid is lucky that he didn't get beaten is creepy, but it's still true, just like saying they were lucky to have a computer. Remember that in the US at least, the rate of child abuse is just unspeakably high, and it's sort of the elephant in the room on this thread, especially given the problem of abuse victims not getting taken seriously. (IMO, for every three angry parents all saying the same thing, I'd like to see a sad, depressing post from an abuse survivor, just to keep people sober.)
The world is full of kids who aren't speaking to their parents -- I know plenty of 'em. I know lots of people who I think would benefit from cutting off their parents, but none who I think have cut them off unjustifiably. And it's all really sad. This is an incredibly sad story! More likely than not the father never wanted to wind up in this situation, but I can't say he doesn't deserve what he got. IMO, he got off easy, socially speaking (assuming he didn't get exactly the result he wanted).
Computers are not a right and neither was your fucking door.
The emotion in that suggests I'm missing whatever is provoking it. Like, really missing something. That said, it seems like talking about rights is a distraction here. I don't think it's important to identify what right is implicated by child abuse. It's about the well-being of the kid, and perhaps whether the family gets to be a family. The door might not be a right, but it's not like parents have corresponding rights to have their children love and respect them, or even talk to them ever.
Use a familiar phrase, complete with caps and punctuation, perhaps a poetry couplet or song lyric.
Any computer used by minors has to allow the parents to have administrator access, with the kids as users. Kids are kids, and need to be protected from themselves.
Goddamned kids! Get off my lawn!
It is obvious that the OP isn't trying to protect his 7 year old 'sister' (such an age difference is not credible anyway), but trying to keep the girl's parents from finding out what the girl is doing online. There is no doubt in my mind that he is a pedophile, and in his warped mind he is having a romance with this child, and he quite rightly suspects the parents wouldn't be terribly understanding if they found out.
I'm assuming that 1) This is for her personal account, not root/administrator/whatever and 2) it's connected via a proxy that does its best to filter out the nasty stuff she shouldn't be seeing and 3) You've got her incredibly locked down, right? I like it, 7 years old is a good age to start teaching her about internet security so long as limits are set.
:-)
Good, in that case a fingerprint reader is your best bet. Just make sure she knows to wipe her fingers off after finger painting or eating sticky food
Cleaning sticky candy out of electronics is not fun. I've had to do it myself. More than once. Kids are fun!
I can assure you if "older brother" gave "7-year-old sister" a laptop all set up and locked me out with passwords? I'd be sure to take the thing outside in front of both of them and drive over it repeatedly with my soccer mom van. Just to prove a point.
Way to set up a lifelong family schism before she's even 10. They are the parents, older brother. You aren't. And no 7-year-old should have unfettered web access. Are you also going to take the time to explain the fisting video she stumbles upon when she misspells a URL and ends up at the wrong web site?
Of course, I think parents who rely on nanny software instead of their own parenting skills are lazy and clueless. But since older brother obviously feels that he will be a far better parent than his sister currently has, maybe his time would be better off spent actually having a kid of his own and re-evaluating that policy with his own kid.
Umm, when I was seven, and got my first computer (it was made clear it was mine), I put Norton Discreet on it and locked the computer at boot.
I did this after I discovered that the artificially intelegnet computer software from a nearby terrestrial object (Venus) I had been befriending on behalf of the planet Earth was in fact my parents playing a practical joke on me. I was pissed, and quite embarrased.
So, I locked them out of the system on boot.
My parents were not advanced enough to remove the protection. They were rather upset and instructed me to remove it. I told them to go to hell, and dialed up my favorite BBS.
Now, I work in IT and post on slashdot.
I think that parents should not be empowered to be a**hats by a community of the sort of people who had the misfortune of growing up smarter than their parents.
Back in the day, when CueCats were popular, I created a pluggable authentication module (PAM) that permits users to log in using scanned barcodes in the login process. I used this on my computer for a while, logging in using a grocery store loyalty card on my keychain. After a while, I found that it was faster to simply type my password, but this barcode solution might be worth considering for children.
http://pam-cuecat.sourceforge.net/
Note that I haven't maintained the code, so it might need a little bit of TLC to compile and run with the latest versions of PAM. It relied on a really old CueCat patch for the kernel, though it should be straightforward to integrate the CueCat decoder into this PAM module and use a PAM text entry box for the input, I think..
I wonder how well a child would handle multi-factor authentication? Something like PPP
If she has to use a really simple password like "flower" or "happy" you could make that a much more secure password with PPP when "angel" becomes "angelj&M4".
Maybe a good compromise on the Privacy vs Parenting debate would be to make her account non-root but give her a small space to keep her private information. Using something like TrueCrypt to give her a small space, maybe even on a flash drive so she can keep it locked away (physical security like a regular paper diary).
Regards,
-Benjamin
http://www.wikihow.com/Hotwire-a-Car
...He's just making empty arguments for the sake of conflict. No! He isn't.
There is no abuse anywhere in (my reply's) parent, TFA, or anywhere else on here that I saw. If you consider it abuse to break a rule and receive punishment (having your door removed), to have your internet restricted as a minor, to have your email read as a minor, and parents setting rules while you live with them then you make me sad and I think life must have been quite a shock for you when you left the womb.
MCP (or whatever his nick was) didn't speak to his father for months and felt nothing but anger towards him for 10-12 years because of a door. That's where the emotion is in my reply. If he knew how lucky he was to have a father, a house, a dog, or how lucky his friend was to have parents, to go to college, for them to give her a computer and cell phone, then he wouldn't have wasted him time plunking out that tripe.
All the kiddies on here who complain about DRM and evil parents who won't let them get on their MySpace need to take a real hard look at their life and think about what's really important. The sad thing is that I'm sure many would say they couldn't live without their iPods or their "friends" on FaceBook, and that is a seriously sad state of affairs... kind of like being angry at your father for a fucking door.
I can see maybe why you'd want to teach a 7 year old about passwords and computer security.
However you're talking about really and truly securing her privacy, which is a terrible idea. 7 year olds need supervision, they shouldn't be able to use an internet-connected computer without parents being able to see what they're doing.
You should have her choose a password she can remember, even if your parents can easily guess it. And if they can't you should tell them anyway.
"...consider it an adequate defense if the villain should plead that "she did not offer violent physical resistance"?"
..."
The 'Age of Consent Campaign' is just a way out lawing sex outside of marrage.
"Our laws are shamelessly unequal when they make the punishment for stealing away a woman's honor no greater than for the purloining of her wardrobe, or when they give the man who robs her of her character a lighter sentence than he who steals her purse would incur;.... And if it was his own daughter whose purity had been sullied by some wretch who had taken advantage of her
and adolescents make just as good decisions as Adults. Or should I say Adults make just as bad decisions as Adolescents. Adults are just way better at rationalizing thier decisions.
An Empirical Examination of Sexual Relations Between Adolescents and Adults
They Differ from Those Between Children and Adults and Should Be Treated Separately
Adolescent Development: Junk Science Run Wild
and I know TFA was about a 7 year old but her parents have no business on her computer anyway, if they want to monitor her net access don't but her comp in the network or have is logged/filtered on a comp she doesn't have access to.
Once it's on her computer it's to late anyways.
Saying children(and I mean actual children e.g. >10) shouldn't start trying to ACT responsible(not actually being responsible) is like saying "We should do away with Graduated Driver licensing. once they are 18 and pass the tests they should be given a full license. and no driving privileges before that. If they are not Responsible enough to drive full time without a supervisor they have no business driving at all."
Maybe she shouldn't have root. but she should deffinatly have her own acount on her own computer. and all accounts should have a password, and you shoulden't give out your password to other people. argo she should have a account with a password and not tell it to anyone.
If a kid isn't old enough to remember a password, they're not old enough to use a computer unsupervised. Simple as that.
;)
My credentials to make this claim? 3 happy, well adjusted kids, now old enough to make their own computing decisions, that my ex and I guided through the minefield of the sort of stuff that some adults don't even get. (Nigerian scams, spam, phishing, slash dot
"I hope you like Guinness, Sir. I find it a refreshing substitute for, er... food." Col. Jack O'Neil, SG-1
My 10 year old has quite a nifty system - he uses keyboard patterns for passwords. I'm pretty sure if I asked him what his password was, he would need to type it on a keyboard.
Just a thought.
The main stream media blows strangers up into big bad things, and label just about everyone as a rapist, or potential killer. Lay off the news.
So it's never happened to someone you know?
Lay off the generalizations.
Says one generalizing "strangers".You can't take the sky from me...
She may be able to remember a "nonsense" word she made up
better than a random string.
If Chaos Theory has taught us anything, it's that we must kill all the butterflies.
I'd like to know if anyone is actually trying to claim that it's okay for a 7-year old to have unlogged and unmonitored access to the internet. I'm a huge proponent of privacy, even for kids - I know it was a big deal to me when I was growing up and locking a non-connected computer is no different than hiding a journal. Once the internet comes into play, however, the whole landscape changes drastically. Can you imagine a 7-year old stumbling onto 4Chan?
Quickly reading through the comments I don't see anyone on here who is saying that a 7-year old should have access to the internet without supervision. Anyone care to argue?
As far as the original question - I really think that the fingerprint reader would be the easiest way. The kid seems pretty smart, so I don't think it's unreasonable to even train her how to calibrate the thing. Just give her an alpha-numeric password and write it down somewhere in case the reader fails.
As for all the folks who are claiming that it's a parents job to protect their kids: you are all absolutely right. There are also better methods of protecting your kids and monitoring their progress on the road of life than to snoop into their personal business and make them feel like they have no rights of their own. Even the illusion of privacy is an empowering feeling, especially for a child, and while finding a balance between protecting a child and respecting their privacy is no easy challenge - it's vastly important.
In reading the initial post, nowhere did it say that it would be connected to the Internet nor did it mention it was to keep the 'parents' out. Everyone just read between the lines and assumed and went on their merry rant from their wee little soapbox. :), think that perhaps it was to keep the "brother" out of her computer and not the parents. Maybe it was going to be on the net and she didn't want her brother using it and then have the parents find out and then invade her privacy.
:)
Did anyone, and no I didn't read all 2000 replies
And yes, I am posting anonymously as I don't feel the need to create an account and come up with some fantasy penis enlarging nick name for myself in order to make me feel good.
I have my son (also a linux user) pick a pattern on the keyboard. Something that he remembers for himself. By picking the pattern he only needs to remember it and the first character of the password. For example and not my son's password He would use vfr4cde3 Sure it isn't the most secure or random for that matter, but he can remember it and it isn't easily guessed. Last I checked on him he had made his pattern more complex and started incorporating special characters (using his shift key). He is now 6 and he sometimes impresses me with his inate ability to understand these complex concepts.