Slashdot Mirror
Ask Slashdot: How To Keep Students' Passwords Secure?
First time accepted submitter bigal123 writes My son's school is moving more and more online and is even assigning Chromebooks or iPads to students (depending on the grade). In some cases they may have books, but the books stay home and they have user names and passwords to the various text book sites. They also have user names/passwords to several other school resources. Most all the sites are 3rd party. So each child may have many user names (various formats) and passwords. They emphasized how these elementary kids needed to keep their passwords safe and not share them with other kids. However when asked about the kids remembering all the user names and passwords the school said they are going to have the kids write them down in a notebook. This seemed like a very bad practice for a classroom and to/from home situation. Do others have good password management suggestions or suggestions for a single sign-on process (no/minimal cost) for kids in school accessing school provisioned resources?
If you don't want to use a password manager, create each password with a base word that is not written down, then add characters to each password that are written down. For instance, the base word could be "boxcar". Then, actual passwords might be boxcar357a, just write down the 357a. Or some variation of this approach.
Thank you, I've been posting this to every password-related Slashdot article for years and never managed to get modded up. My scheme is a slight variation, where the "357a" part is derived from the name of the web site or application you are logging into. Maybe you use the vowels in the web site name and their count: so the password for homework.com might produce "boxcaroeoo4." With this approach, instead of writing down "357a" or "oeoo" you write down "vowels + count" or "standard derivation" or something like that. The benefit is that if you use the same algorithm most of the time you don't have to write anything down.