Security: Password security

From Gender and Tech Resources

Title of the tutorial Password security
Attributions
Kind of learning session Train of trainers, 101
Tutorial category Energiser
Duration (hours) 0.5
Learning objectives To understand the need for secure passwords, and to be aware of other people's experiences in this space.
Prerequisites Facilitators should be able to install, use and explain password management software like LastPass or Keepass, and to be able to explain and answer questions about passwords.

Facilitators also need to come up with a few key statements and questions for the 'secure password race', as described below.

Methodology This session has two parts: first, an activity to get people to understand different levels of password security, and secondly, a hand on part of learning about the password management tools. This tutorial will only cover the activity in detail – please refer to Security in a Box for more details on how to use and install the various tools.

Get participants to line up at the back of the room – the aim of this activity is to reach the far wall the fastest, like a race.

This, though, is a 'secure password race'. By asking questions about participants use of secure passwords, they will move forward or backwards, depending on the answer.

For example:

  • if you have used the same password for two or more accounts, take 3 steps back
  • if you already use Keepass or a secure password management tool, take 2 steps forward
  • if someone else knows the password to your main email account, take 2 steps back

Once at least one participant has reached the 'goal line', bring the participants back into a group, and have a discussion around the characteristics of good password management, based on the activity. One of the facilitators could make a list of these characteristics on a flip chart.

For the next part of the session, do a hands on introduction to password management tools.

Number of facilitators involved 1
Technical needs None
Theoretical and on line resources [[Theoretical and on line resources::Security in a box]]