Computer Science
Grade 9
20 min
Protecting Your Password
Protecting Your Password
Tutorial Preview
1
Introduction & Learning Objectives
Learning Objectives
Define the characteristics of strong and weak passwords.
Explain the concept of password entropy and its importance for security.
Identify three common password attack methods: brute-force, dictionary, and phishing.
Demonstrate how to create a strong, memorable password using the passphrase method.
Explain the function and importance of Multi-Factor Authentication (MFA).
Describe the role of a password manager in securing multiple digital accounts.
Ever used 'password123' for an account? 🤔 Let's find out why that's the digital equivalent of leaving your front door wide open with a sign that says 'come on in'!
In this lesson, you'll learn what makes a password strong, how hackers try to break them, and the best methods...
2
Key Concepts & Vocabulary
TermDefinitionExample
Password StrengthA measure of a password's effectiveness against guessing or brute-force attacks. It is determined by its length, character variety (uppercase, lowercase, numbers, symbols), and unpredictability.Weak: `cat123`. Strong: `R#andom-P!an3t-G3nerat0r`
EntropyIn the context of passwords, entropy is a mathematical measure of randomness or unpredictability. A password with high entropy is much harder for a computer to guess.The password `July` has very low entropy because it's a common word. The password `8$k#Zp@v` has very high entropy because it's a random string of different character types.
Brute-Force AttackAn automated attack where a program tries every possible combination of characters, one by one, until it discovers the correct password...
3
Core Syntax & Patterns
The Complexity Formula
Strength = Length (12+) + Character Variety (Aa1!) + Unpredictability
Use this formula to create and evaluate passwords. A strong password must be long (at least 12-16 characters), use a mix of uppercase letters, lowercase letters, numbers, and symbols, and must not be a predictable word or pattern.
The Uniqueness Principle
One Unique Password Per Account
Never reuse passwords across different websites. If one site has a data breach and your password is leaked, attackers will use it to try to log into your other accounts (like email, banking, and social media). A password manager is the best tool to manage this.
The Passphrase Method
Combine 4+ random, unrelated words.
This is a technique for creating passwords that are both very long (high str...
4 more steps in this tutorial
Sign up free to access the complete tutorial with worked examples and practice.
Sign Up Free to ContinueSample Practice Questions
Challenging
Imagine you are designing a new secure system. Based on the tutorial's principles, which set of policies would provide the strongest protection for user accounts?
A.Require 8-character passwords, but force users to change them every 30 days.
B.Require 10-character passwords using only letters and numbers, and lock accounts after 10 failed attempts.
C.Enforce a 15+ character minimum length, check new passwords against a list of known breached passwords, and strongly encourage or require MFA.
D.Allow any password, but require users to answer three personal security questions if they log in from a new device.
Challenging
The tutorial states that cracking tools instantly check for 'leet speak'. How might this feature be programmed by combining the concepts of a dictionary attack and character substitution?
A.The tool performs a brute-force attack on every character, which happens to find the substitutions.
B.The tool's dictionary contains only 'leet speak' words like 'p@ssw0rd'.
C.For each word in its dictionary (e.g., 'password'), the tool programmatically generates all common substitutions (p@ssword, pa55word, p@55w0rd, etc.) and tries them all.
D.The tool asks the user if they used 'leet speak' and then targets the password accordingly.
Challenging
A student uses a weak, reused password (`Dog123`) for all their accounts, including school, social media, and online banking. Which single action would provide the GREATEST and most IMMEDIATE security improvement for their online banking account?
A.Changing the password on their social media account.
B.Running a virus scan on their computer.
C.Enabling Multi-Factor Authentication (MFA) on the banking account.
D.Changing the banking password to `Dog123!`.
Want to practice and check your answers?
Sign up to access all questions with instant feedback, explanations, and progress tracking.
Start Practicing Free