Entropy - lack of order or predictability; gradual decline into disorder.
I would like to start my blog for the “Digital Citizenship” course in the same manner with which I would begin with if I were teaching one of my classes in technology. This week we began the EDUC-5131 with a few select discussions. The primary theme was one of choice regarding how we approach the concept of Digital Citizenship with respect to the students in our class. Long before I begin discussing select topics of netiquette, cyber-bullying, or even copyright issues, I begin with security. Reflecting on a mid-forum summation on the topic of choosing a dark or a light side of instruction the statement “how do we teach our learners to navigate the 'town square' that is the internet...” .(James, 2017) got me thinking. What type of introductory talk should we be having with our students? I would venture to say that we should begin with the topic of personal security and its importance in the assurance that we are doing all we can to prepare our students for their journey into the virtual town square.
I am the father of a ten year old daughter. Starting only a few years before her birth we saw the emergence of Facebook and YouTube with Twitter and Instagram following suit shortly after. Today we have Snapchat and apparently Myspace is back on the scene. I have armed my daughter with what I believe are the skills she needs to protect herself for when she ventures out into the physical world. We have had the “Look both ways before you cross the street” talk. More importantly we have talked about personal security, strangers and the importance of a strong, safe and secure home. We have locks and an alarm system all with secure keys and passwords that only we know. I apply the same tactics when directing her habits in the virtual world. I didn’t just stop there. I have discussed potential vulnerabilities to her personal security that could be created through actions of her friends and other people she knows. I would equate this to going to the “town square” with her friends. She may be prepared but, are they? What are they revealing to the shadows? I do the same in the beginning stages of all my courses that include the use of Internet capable devices. We begin with the concept of passwords.
Personal safety on the Internet begins with a strong password!
Personal Safety has been a discussion of teachers for students for decades if not centuries. I do, although, believe that we need to put more emphasis into personal security and awareness of who/what we should trust as individuals both in the physical and the virtual. I will be so bold as to say that the virtual “town square” has many more dark alleys than the physical one. The one thing continues to stick in my mind, is the amount of trust we put in the systems that are supposed to safe guard us. How can we be sure that we have adequately prepared our students to keep their “keys” safe? When you buy a home you change the locks and only give a copy to the ones you trust the most. You would never keep the same lock on the say-so of the previous owner who claims to have handed you all the copies of the keys. Why do we put such faith in systems with the assumption that they are always secure? Many of us can recall when the Heartbleed security bug was discovered in April of 2014. It was reported as many as two thirds of the sites on the Internet could be affected. Companies such as Google, Facebook and Revenue Canada were affected. Within a matter of weeks, more than 65% of potentially effected users still hadn’t changed their password or even knew to do so for that matter (Humphries, 2014). If one of the keys to your house was knowingly stolen you would most likely do something about it. Wouldn’t you? With that said, why do we not change something as basic as the default password provided to us by a service we are accessing? Changing an assigned default password is a concept I work hard to pass on to my students. We need to teach them to build the keys to their locks out of steel and not butter!
Merely changing a default password is not enough to ensure that your data is safe. Thought should be placed on selecting a password that is strong and is not made up of elements that reflect characteristics of the user. Passwords that consist of portions of a username, a birthday or the name of a pet are not considered to be sufficient. While passwords that are dozens of random characters long are not thought to be practical. In fact, at one time changing a password after short intervals of time such as 60 days was thought to decrease the level of vulnerability to a user. Recent studies have shown that “frequent password changes do little to improve security and very possibly make security worse by encouraging the use of passwords that are more susceptible to cracking” (Goodin, 2016). We need to find a good balance when we convey the importance of security to our students. Overall, Students should be encouraged to be smart about how they build their first level of personal security and to not take it for granted.
Some Interesting Facts about Passwords
Goodine, D. (2016, August 2). Frequent password changes are the enemy of security, FTC technologist says. Ars technica. Retrieved from
Humphries, D. (2014, April 29). 67 Percent of Internet Users Haven’t Changed Passwords After Heartbleed. Intelligent Defense. Retrieved from
James, D. (2017, July 5). Re: Dark and Light Discussion. EDUC5131 Courseware Moodle. Retrieved from
http://wpengine.com/unmasked/ (The 50 most used passwords)
http://wpengine.com/unmasked/ (keyboard patterns)