Password management for kids - what's a good way to start?Password management/synchronization?Password Management within an OrganisationFOSS Enterprise Password Management SolutionWeb browser password management securitySecure password managementPassword managementPassword management: how an administrator should reset password for a user?Best way to store a password for web appAn idea for a universal password management standardVirgin air-gapped devices and password management

How should I save/invest for my son

In the Schrödinger equation, can I have a Hamiltonian without a kinetic term?

How can you tell the version of Ubuntu on a system in a .sh (bash) script?

If I buy and download a game through second Nintendo account do I own it on my main account too?

What is my clock telling me to do?

Was Donald Trump at ground zero helping out on 9-11?

What Marvel character has this 'W' symbol?

How can I convert a linear narrative into a branching narrative?

What force enables us to walk? Friction or normal reaction?

Can you remove a blindfold using the Telekinesis spell?

Why “deal 6 damage” is a legit phrase?

How and when is the best time to reveal to new hires you are trans?

How do I make my photos have more impact?

What would the United Kingdom's "optimal" Brexit deal look like?

Can machine learning learn a function like finding maximum from a list?

Is it possible to tell if a child will turn into a Hag?

Academic progression in Germany, what happens after a postdoc? What is the next step?

Best Ergonomic Design for a handheld ranged weapon

How can I type the name of the person I'm calling on the dial pad and make the call?

What is the oxidation state of Mn in HMn(CO)5?

Should I intervene when a colleague in a different department makes students run laps as part of their grade?

How to remove rebar passing through an inaccessible pipe

Why does the Rust compiler not optimize code assuming that two mutable references cannot alias?

Avoiding Implicit Conversion in Constructor. Explicit keyword doesn't help here



Password management for kids - what's a good way to start?


Password management/synchronization?Password Management within an OrganisationFOSS Enterprise Password Management SolutionWeb browser password management securitySecure password managementPassword managementPassword management: how an administrator should reset password for a user?Best way to store a password for web appAn idea for a universal password management standardVirgin air-gapped devices and password management






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








11















Consider a young (primary-school age) child who is starting to collect passwords for online services. How can a parent (or equivalent) help them manage their passwords?



An example to make things clearer: My daughter might want to log on to http://scratch.mit.edu from several locations/devices to show her projects to the family. She also has a couple of email addresses, one of which she's likely to be using herself soon (under supervision). While her own device will be logged in, she may need access from others.



So far I take care of it for her: I know her password and (pseudonymous) user ID, and store them in my KeePass. That's appropriate at this stage, but it's not much help if she needs them without me (short of sending login details in plaintext to her grandparents, for example). There should also be a solution that doesn't require me to possess these details, from the point of view of sticking to the general rule of keeping your login details secret. Memorising a really strong master password is probably a bit much to ask, and she's likely to mislay any physical storage.



I like to plan ahead, so moving forwards: What's the best approach to take for a young, fairly bright child, to keep logins safe and train good practice in advance of more important accounts?










share|improve this question





















  • 2





    We've had a good few questions on password management in general, but I don't believe we've dealt with the aspects specific to kids: training and the fact they're kids.

    – Chris H
    8 hours ago











  • Great question! What sort of age range are you thinking of?

    – Anders
    8 hours ago






  • 2





    @Anders our edits crossed, but I've added a deliberately vague "primary age". In my case the early half of that - she's a little young for scratch but is starting to enjoy it

    – Chris H
    8 hours ago


















11















Consider a young (primary-school age) child who is starting to collect passwords for online services. How can a parent (or equivalent) help them manage their passwords?



An example to make things clearer: My daughter might want to log on to http://scratch.mit.edu from several locations/devices to show her projects to the family. She also has a couple of email addresses, one of which she's likely to be using herself soon (under supervision). While her own device will be logged in, she may need access from others.



So far I take care of it for her: I know her password and (pseudonymous) user ID, and store them in my KeePass. That's appropriate at this stage, but it's not much help if she needs them without me (short of sending login details in plaintext to her grandparents, for example). There should also be a solution that doesn't require me to possess these details, from the point of view of sticking to the general rule of keeping your login details secret. Memorising a really strong master password is probably a bit much to ask, and she's likely to mislay any physical storage.



I like to plan ahead, so moving forwards: What's the best approach to take for a young, fairly bright child, to keep logins safe and train good practice in advance of more important accounts?










share|improve this question





















  • 2





    We've had a good few questions on password management in general, but I don't believe we've dealt with the aspects specific to kids: training and the fact they're kids.

    – Chris H
    8 hours ago











  • Great question! What sort of age range are you thinking of?

    – Anders
    8 hours ago






  • 2





    @Anders our edits crossed, but I've added a deliberately vague "primary age". In my case the early half of that - she's a little young for scratch but is starting to enjoy it

    – Chris H
    8 hours ago














11












11








11


3






Consider a young (primary-school age) child who is starting to collect passwords for online services. How can a parent (or equivalent) help them manage their passwords?



An example to make things clearer: My daughter might want to log on to http://scratch.mit.edu from several locations/devices to show her projects to the family. She also has a couple of email addresses, one of which she's likely to be using herself soon (under supervision). While her own device will be logged in, she may need access from others.



So far I take care of it for her: I know her password and (pseudonymous) user ID, and store them in my KeePass. That's appropriate at this stage, but it's not much help if she needs them without me (short of sending login details in plaintext to her grandparents, for example). There should also be a solution that doesn't require me to possess these details, from the point of view of sticking to the general rule of keeping your login details secret. Memorising a really strong master password is probably a bit much to ask, and she's likely to mislay any physical storage.



I like to plan ahead, so moving forwards: What's the best approach to take for a young, fairly bright child, to keep logins safe and train good practice in advance of more important accounts?










share|improve this question
















Consider a young (primary-school age) child who is starting to collect passwords for online services. How can a parent (or equivalent) help them manage their passwords?



An example to make things clearer: My daughter might want to log on to http://scratch.mit.edu from several locations/devices to show her projects to the family. She also has a couple of email addresses, one of which she's likely to be using herself soon (under supervision). While her own device will be logged in, she may need access from others.



So far I take care of it for her: I know her password and (pseudonymous) user ID, and store them in my KeePass. That's appropriate at this stage, but it's not much help if she needs them without me (short of sending login details in plaintext to her grandparents, for example). There should also be a solution that doesn't require me to possess these details, from the point of view of sticking to the general rule of keeping your login details secret. Memorising a really strong master password is probably a bit much to ask, and she's likely to mislay any physical storage.



I like to plan ahead, so moving forwards: What's the best approach to take for a young, fairly bright child, to keep logins safe and train good practice in advance of more important accounts?







password-management






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited 8 hours ago







Chris H

















asked 8 hours ago









Chris HChris H

2,9589 silver badges20 bronze badges




2,9589 silver badges20 bronze badges










  • 2





    We've had a good few questions on password management in general, but I don't believe we've dealt with the aspects specific to kids: training and the fact they're kids.

    – Chris H
    8 hours ago











  • Great question! What sort of age range are you thinking of?

    – Anders
    8 hours ago






  • 2





    @Anders our edits crossed, but I've added a deliberately vague "primary age". In my case the early half of that - she's a little young for scratch but is starting to enjoy it

    – Chris H
    8 hours ago













  • 2





    We've had a good few questions on password management in general, but I don't believe we've dealt with the aspects specific to kids: training and the fact they're kids.

    – Chris H
    8 hours ago











  • Great question! What sort of age range are you thinking of?

    – Anders
    8 hours ago






  • 2





    @Anders our edits crossed, but I've added a deliberately vague "primary age". In my case the early half of that - she's a little young for scratch but is starting to enjoy it

    – Chris H
    8 hours ago








2




2





We've had a good few questions on password management in general, but I don't believe we've dealt with the aspects specific to kids: training and the fact they're kids.

– Chris H
8 hours ago





We've had a good few questions on password management in general, but I don't believe we've dealt with the aspects specific to kids: training and the fact they're kids.

– Chris H
8 hours ago













Great question! What sort of age range are you thinking of?

– Anders
8 hours ago





Great question! What sort of age range are you thinking of?

– Anders
8 hours ago




2




2





@Anders our edits crossed, but I've added a deliberately vague "primary age". In my case the early half of that - she's a little young for scratch but is starting to enjoy it

– Chris H
8 hours ago






@Anders our edits crossed, but I've added a deliberately vague "primary age". In my case the early half of that - she's a little young for scratch but is starting to enjoy it

– Chris H
8 hours ago











3 Answers
3






active

oldest

votes


















3














Maybe the lesson for children should be less about how to use tools to manage a password, and more about understanding why managing passwords is important?



Let them write their passwords in a notebook. Have fun with devising a method for obfuscation in case the notebook is lost. Teach them about backups- keeping a copy someplace safe. In my experience, kids and old people are a lot alike when it comes to password (mis)management



Until they were skilled enough to manage their own passwd database, i also kept the kids logins in a "family KeePass". This is the same one where the aged family members stuff is- because people die and sometimes you need to recover things for otherwise unable people. The trust/risk calculus is different in a family group than in a work or social circle. There is also a difference between sharing access to a password and sharing a password.



It is awesome that you are thinking about this early. good luck!






share|improve this answer








New contributor



not_very_nice is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 1





    I'm not sure why this was downvoted... Possibly because of the advice to write passwords down. While not great advice, it's not the worst advice either, and is orders of magnitude better than reusing passwords. Especially if the passwords are obfuscated. (Hopefully a child isn't the target of a state-level-actor. ;-) )

    – Ghedipunk
    7 hours ago







  • 1





    @Ghedipunk obfuscation may be a little optimistic and kids are prone to losing things (and trying to solve the puzzles in their friends' notebooks for ill-advised pranks). But scepticism about one point didn't make a negative for me (+1 in fact)

    – Chris H
    7 hours ago


















3














"Logging in from multiple devices" if you do not own them, is one habit that would need to be stopped for general security.



Once you own all the devices in the scenario, one method that I saw for young people that was useful is to avoid dealing with passwords altogether: use the "forgot password" process.



If the device is owned and access to email is on the device, then you simply request a password reset link and use that. Nothing to remember.



Another method is to use an online, family password manager (LastPass has this feature, for instance). This feature is designed specifically for this problem, but it has a cost, and you might not like the cloud storage and multi-device syncing. But having this and managing it for your child might be worth it.



You could also teach a strong password pattern. Yes, patterns have an inherent and obvious vulnerability, but it is a method that can be considered for your personal risk assessment.



I'm a fan of the "password reset" process, myself.






share|improve this answer

























  • Multiple devices - still true even if we restrict to immediate family (i.e. those who manage her devices). I will open that up to trusted (by me and her) adults who have complete physical access to her devices (e.g. grandparents). Restricting it beyond that is pointless paranoia and at odds with advice regarding a child's physical safety. Your blanket statement is still an unrealistic ideal - the days of "you must check in on a device capable of printing no more than 24 hours in advance" and similar stupid processes aren't completely gone.

    – Chris H
    7 hours ago











  • "forgot password" is a nice idea, though for some services it still takes ages and I'm looking at ways of restricting her email so I review mystery senders. It doesn't (and neither does an online service) deal with the boot password for my desktop, on which she has her own account

    – Chris H
    7 hours ago











  • You might need to edit your question to include the scope of the types of accounts you need to account for. Your example was for online services. If you include physical devices, then you are left with either simple memory, or alternate login options, which is beyond the scope of your desire for "password management".

    – schroeder
    6 hours ago











  • I actually have a big problem with my child logging into her grandparent's devices. Just because they have full control of the devices my child does, does not make the grandparent's devices trusted, secure, or safe.

    – schroeder
    6 hours ago











  • I have mixed feelings. Without going into too much detail, some I trust as I would my own, but others - let's just say I haven't had to fix them for a while. The physical devices came in mainly as an illustration of comparable issues, and aren't meant to be part of the real question. The boot password was maybe a red herring - after all, her access to that machine is supervised and under my control.

    – Chris H
    6 hours ago


















1














Now i am not sure if i am right but i think teaching basic mnemonic techniques to kids seems like a wonderful idea to me.Its a skill that will help her lifelong and will also aid in avoiding writing down any passwords and low entropy password.Consider a 10 digit gibberish password such as 1kej@!lej2 .This could be easily remember if you just made up a story by using characters of the password.Schroeder's advice also seems good to be honest.You could also teach her in time "how to generate passwords with sufficient entropy" and use a password manager.Until then mnemonics should do fine for kids.They have a vivid imagination






share|improve this answer

























  • It's a nice idea, and works for a few passwords, but I can't remember more than a handful that way. It seems optimistic to expect this approach to last long given how many passwords people acquire.

    – Chris H
    7 hours ago






  • 1





    "Memorising a really strong master password is probably a bit much to ask".I was pretty much commenting on this one actually.But you are right trying to remember 30-35 tough password's even with mnemonics is rather tough/impossible.

    – Vipul Nair
    7 hours ago













Your Answer








StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "162"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f214492%2fpassword-management-for-kids-whats-a-good-way-to-start%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























3 Answers
3






active

oldest

votes








3 Answers
3






active

oldest

votes









active

oldest

votes






active

oldest

votes









3














Maybe the lesson for children should be less about how to use tools to manage a password, and more about understanding why managing passwords is important?



Let them write their passwords in a notebook. Have fun with devising a method for obfuscation in case the notebook is lost. Teach them about backups- keeping a copy someplace safe. In my experience, kids and old people are a lot alike when it comes to password (mis)management



Until they were skilled enough to manage their own passwd database, i also kept the kids logins in a "family KeePass". This is the same one where the aged family members stuff is- because people die and sometimes you need to recover things for otherwise unable people. The trust/risk calculus is different in a family group than in a work or social circle. There is also a difference between sharing access to a password and sharing a password.



It is awesome that you are thinking about this early. good luck!






share|improve this answer








New contributor



not_very_nice is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 1





    I'm not sure why this was downvoted... Possibly because of the advice to write passwords down. While not great advice, it's not the worst advice either, and is orders of magnitude better than reusing passwords. Especially if the passwords are obfuscated. (Hopefully a child isn't the target of a state-level-actor. ;-) )

    – Ghedipunk
    7 hours ago







  • 1





    @Ghedipunk obfuscation may be a little optimistic and kids are prone to losing things (and trying to solve the puzzles in their friends' notebooks for ill-advised pranks). But scepticism about one point didn't make a negative for me (+1 in fact)

    – Chris H
    7 hours ago















3














Maybe the lesson for children should be less about how to use tools to manage a password, and more about understanding why managing passwords is important?



Let them write their passwords in a notebook. Have fun with devising a method for obfuscation in case the notebook is lost. Teach them about backups- keeping a copy someplace safe. In my experience, kids and old people are a lot alike when it comes to password (mis)management



Until they were skilled enough to manage their own passwd database, i also kept the kids logins in a "family KeePass". This is the same one where the aged family members stuff is- because people die and sometimes you need to recover things for otherwise unable people. The trust/risk calculus is different in a family group than in a work or social circle. There is also a difference between sharing access to a password and sharing a password.



It is awesome that you are thinking about this early. good luck!






share|improve this answer








New contributor



not_very_nice is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 1





    I'm not sure why this was downvoted... Possibly because of the advice to write passwords down. While not great advice, it's not the worst advice either, and is orders of magnitude better than reusing passwords. Especially if the passwords are obfuscated. (Hopefully a child isn't the target of a state-level-actor. ;-) )

    – Ghedipunk
    7 hours ago







  • 1





    @Ghedipunk obfuscation may be a little optimistic and kids are prone to losing things (and trying to solve the puzzles in their friends' notebooks for ill-advised pranks). But scepticism about one point didn't make a negative for me (+1 in fact)

    – Chris H
    7 hours ago













3












3








3







Maybe the lesson for children should be less about how to use tools to manage a password, and more about understanding why managing passwords is important?



Let them write their passwords in a notebook. Have fun with devising a method for obfuscation in case the notebook is lost. Teach them about backups- keeping a copy someplace safe. In my experience, kids and old people are a lot alike when it comes to password (mis)management



Until they were skilled enough to manage their own passwd database, i also kept the kids logins in a "family KeePass". This is the same one where the aged family members stuff is- because people die and sometimes you need to recover things for otherwise unable people. The trust/risk calculus is different in a family group than in a work or social circle. There is also a difference between sharing access to a password and sharing a password.



It is awesome that you are thinking about this early. good luck!






share|improve this answer








New contributor



not_very_nice is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









Maybe the lesson for children should be less about how to use tools to manage a password, and more about understanding why managing passwords is important?



Let them write their passwords in a notebook. Have fun with devising a method for obfuscation in case the notebook is lost. Teach them about backups- keeping a copy someplace safe. In my experience, kids and old people are a lot alike when it comes to password (mis)management



Until they were skilled enough to manage their own passwd database, i also kept the kids logins in a "family KeePass". This is the same one where the aged family members stuff is- because people die and sometimes you need to recover things for otherwise unable people. The trust/risk calculus is different in a family group than in a work or social circle. There is also a difference between sharing access to a password and sharing a password.



It is awesome that you are thinking about this early. good luck!







share|improve this answer








New contributor



not_very_nice is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.








share|improve this answer



share|improve this answer






New contributor



not_very_nice is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.








answered 8 hours ago









not_very_nicenot_very_nice

411 bronze badge




411 bronze badge




New contributor



not_very_nice is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




New contributor




not_very_nice is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












  • 1





    I'm not sure why this was downvoted... Possibly because of the advice to write passwords down. While not great advice, it's not the worst advice either, and is orders of magnitude better than reusing passwords. Especially if the passwords are obfuscated. (Hopefully a child isn't the target of a state-level-actor. ;-) )

    – Ghedipunk
    7 hours ago







  • 1





    @Ghedipunk obfuscation may be a little optimistic and kids are prone to losing things (and trying to solve the puzzles in their friends' notebooks for ill-advised pranks). But scepticism about one point didn't make a negative for me (+1 in fact)

    – Chris H
    7 hours ago












  • 1





    I'm not sure why this was downvoted... Possibly because of the advice to write passwords down. While not great advice, it's not the worst advice either, and is orders of magnitude better than reusing passwords. Especially if the passwords are obfuscated. (Hopefully a child isn't the target of a state-level-actor. ;-) )

    – Ghedipunk
    7 hours ago







  • 1





    @Ghedipunk obfuscation may be a little optimistic and kids are prone to losing things (and trying to solve the puzzles in their friends' notebooks for ill-advised pranks). But scepticism about one point didn't make a negative for me (+1 in fact)

    – Chris H
    7 hours ago







1




1





I'm not sure why this was downvoted... Possibly because of the advice to write passwords down. While not great advice, it's not the worst advice either, and is orders of magnitude better than reusing passwords. Especially if the passwords are obfuscated. (Hopefully a child isn't the target of a state-level-actor. ;-) )

– Ghedipunk
7 hours ago






I'm not sure why this was downvoted... Possibly because of the advice to write passwords down. While not great advice, it's not the worst advice either, and is orders of magnitude better than reusing passwords. Especially if the passwords are obfuscated. (Hopefully a child isn't the target of a state-level-actor. ;-) )

– Ghedipunk
7 hours ago





1




1





@Ghedipunk obfuscation may be a little optimistic and kids are prone to losing things (and trying to solve the puzzles in their friends' notebooks for ill-advised pranks). But scepticism about one point didn't make a negative for me (+1 in fact)

– Chris H
7 hours ago





@Ghedipunk obfuscation may be a little optimistic and kids are prone to losing things (and trying to solve the puzzles in their friends' notebooks for ill-advised pranks). But scepticism about one point didn't make a negative for me (+1 in fact)

– Chris H
7 hours ago













3














"Logging in from multiple devices" if you do not own them, is one habit that would need to be stopped for general security.



Once you own all the devices in the scenario, one method that I saw for young people that was useful is to avoid dealing with passwords altogether: use the "forgot password" process.



If the device is owned and access to email is on the device, then you simply request a password reset link and use that. Nothing to remember.



Another method is to use an online, family password manager (LastPass has this feature, for instance). This feature is designed specifically for this problem, but it has a cost, and you might not like the cloud storage and multi-device syncing. But having this and managing it for your child might be worth it.



You could also teach a strong password pattern. Yes, patterns have an inherent and obvious vulnerability, but it is a method that can be considered for your personal risk assessment.



I'm a fan of the "password reset" process, myself.






share|improve this answer

























  • Multiple devices - still true even if we restrict to immediate family (i.e. those who manage her devices). I will open that up to trusted (by me and her) adults who have complete physical access to her devices (e.g. grandparents). Restricting it beyond that is pointless paranoia and at odds with advice regarding a child's physical safety. Your blanket statement is still an unrealistic ideal - the days of "you must check in on a device capable of printing no more than 24 hours in advance" and similar stupid processes aren't completely gone.

    – Chris H
    7 hours ago











  • "forgot password" is a nice idea, though for some services it still takes ages and I'm looking at ways of restricting her email so I review mystery senders. It doesn't (and neither does an online service) deal with the boot password for my desktop, on which she has her own account

    – Chris H
    7 hours ago











  • You might need to edit your question to include the scope of the types of accounts you need to account for. Your example was for online services. If you include physical devices, then you are left with either simple memory, or alternate login options, which is beyond the scope of your desire for "password management".

    – schroeder
    6 hours ago











  • I actually have a big problem with my child logging into her grandparent's devices. Just because they have full control of the devices my child does, does not make the grandparent's devices trusted, secure, or safe.

    – schroeder
    6 hours ago











  • I have mixed feelings. Without going into too much detail, some I trust as I would my own, but others - let's just say I haven't had to fix them for a while. The physical devices came in mainly as an illustration of comparable issues, and aren't meant to be part of the real question. The boot password was maybe a red herring - after all, her access to that machine is supervised and under my control.

    – Chris H
    6 hours ago















3














"Logging in from multiple devices" if you do not own them, is one habit that would need to be stopped for general security.



Once you own all the devices in the scenario, one method that I saw for young people that was useful is to avoid dealing with passwords altogether: use the "forgot password" process.



If the device is owned and access to email is on the device, then you simply request a password reset link and use that. Nothing to remember.



Another method is to use an online, family password manager (LastPass has this feature, for instance). This feature is designed specifically for this problem, but it has a cost, and you might not like the cloud storage and multi-device syncing. But having this and managing it for your child might be worth it.



You could also teach a strong password pattern. Yes, patterns have an inherent and obvious vulnerability, but it is a method that can be considered for your personal risk assessment.



I'm a fan of the "password reset" process, myself.






share|improve this answer

























  • Multiple devices - still true even if we restrict to immediate family (i.e. those who manage her devices). I will open that up to trusted (by me and her) adults who have complete physical access to her devices (e.g. grandparents). Restricting it beyond that is pointless paranoia and at odds with advice regarding a child's physical safety. Your blanket statement is still an unrealistic ideal - the days of "you must check in on a device capable of printing no more than 24 hours in advance" and similar stupid processes aren't completely gone.

    – Chris H
    7 hours ago











  • "forgot password" is a nice idea, though for some services it still takes ages and I'm looking at ways of restricting her email so I review mystery senders. It doesn't (and neither does an online service) deal with the boot password for my desktop, on which she has her own account

    – Chris H
    7 hours ago











  • You might need to edit your question to include the scope of the types of accounts you need to account for. Your example was for online services. If you include physical devices, then you are left with either simple memory, or alternate login options, which is beyond the scope of your desire for "password management".

    – schroeder
    6 hours ago











  • I actually have a big problem with my child logging into her grandparent's devices. Just because they have full control of the devices my child does, does not make the grandparent's devices trusted, secure, or safe.

    – schroeder
    6 hours ago











  • I have mixed feelings. Without going into too much detail, some I trust as I would my own, but others - let's just say I haven't had to fix them for a while. The physical devices came in mainly as an illustration of comparable issues, and aren't meant to be part of the real question. The boot password was maybe a red herring - after all, her access to that machine is supervised and under my control.

    – Chris H
    6 hours ago













3












3








3







"Logging in from multiple devices" if you do not own them, is one habit that would need to be stopped for general security.



Once you own all the devices in the scenario, one method that I saw for young people that was useful is to avoid dealing with passwords altogether: use the "forgot password" process.



If the device is owned and access to email is on the device, then you simply request a password reset link and use that. Nothing to remember.



Another method is to use an online, family password manager (LastPass has this feature, for instance). This feature is designed specifically for this problem, but it has a cost, and you might not like the cloud storage and multi-device syncing. But having this and managing it for your child might be worth it.



You could also teach a strong password pattern. Yes, patterns have an inherent and obvious vulnerability, but it is a method that can be considered for your personal risk assessment.



I'm a fan of the "password reset" process, myself.






share|improve this answer













"Logging in from multiple devices" if you do not own them, is one habit that would need to be stopped for general security.



Once you own all the devices in the scenario, one method that I saw for young people that was useful is to avoid dealing with passwords altogether: use the "forgot password" process.



If the device is owned and access to email is on the device, then you simply request a password reset link and use that. Nothing to remember.



Another method is to use an online, family password manager (LastPass has this feature, for instance). This feature is designed specifically for this problem, but it has a cost, and you might not like the cloud storage and multi-device syncing. But having this and managing it for your child might be worth it.



You could also teach a strong password pattern. Yes, patterns have an inherent and obvious vulnerability, but it is a method that can be considered for your personal risk assessment.



I'm a fan of the "password reset" process, myself.







share|improve this answer












share|improve this answer



share|improve this answer










answered 8 hours ago









schroederschroeder

84.1k34 gold badges188 silver badges225 bronze badges




84.1k34 gold badges188 silver badges225 bronze badges















  • Multiple devices - still true even if we restrict to immediate family (i.e. those who manage her devices). I will open that up to trusted (by me and her) adults who have complete physical access to her devices (e.g. grandparents). Restricting it beyond that is pointless paranoia and at odds with advice regarding a child's physical safety. Your blanket statement is still an unrealistic ideal - the days of "you must check in on a device capable of printing no more than 24 hours in advance" and similar stupid processes aren't completely gone.

    – Chris H
    7 hours ago











  • "forgot password" is a nice idea, though for some services it still takes ages and I'm looking at ways of restricting her email so I review mystery senders. It doesn't (and neither does an online service) deal with the boot password for my desktop, on which she has her own account

    – Chris H
    7 hours ago











  • You might need to edit your question to include the scope of the types of accounts you need to account for. Your example was for online services. If you include physical devices, then you are left with either simple memory, or alternate login options, which is beyond the scope of your desire for "password management".

    – schroeder
    6 hours ago











  • I actually have a big problem with my child logging into her grandparent's devices. Just because they have full control of the devices my child does, does not make the grandparent's devices trusted, secure, or safe.

    – schroeder
    6 hours ago











  • I have mixed feelings. Without going into too much detail, some I trust as I would my own, but others - let's just say I haven't had to fix them for a while. The physical devices came in mainly as an illustration of comparable issues, and aren't meant to be part of the real question. The boot password was maybe a red herring - after all, her access to that machine is supervised and under my control.

    – Chris H
    6 hours ago

















  • Multiple devices - still true even if we restrict to immediate family (i.e. those who manage her devices). I will open that up to trusted (by me and her) adults who have complete physical access to her devices (e.g. grandparents). Restricting it beyond that is pointless paranoia and at odds with advice regarding a child's physical safety. Your blanket statement is still an unrealistic ideal - the days of "you must check in on a device capable of printing no more than 24 hours in advance" and similar stupid processes aren't completely gone.

    – Chris H
    7 hours ago











  • "forgot password" is a nice idea, though for some services it still takes ages and I'm looking at ways of restricting her email so I review mystery senders. It doesn't (and neither does an online service) deal with the boot password for my desktop, on which she has her own account

    – Chris H
    7 hours ago











  • You might need to edit your question to include the scope of the types of accounts you need to account for. Your example was for online services. If you include physical devices, then you are left with either simple memory, or alternate login options, which is beyond the scope of your desire for "password management".

    – schroeder
    6 hours ago











  • I actually have a big problem with my child logging into her grandparent's devices. Just because they have full control of the devices my child does, does not make the grandparent's devices trusted, secure, or safe.

    – schroeder
    6 hours ago











  • I have mixed feelings. Without going into too much detail, some I trust as I would my own, but others - let's just say I haven't had to fix them for a while. The physical devices came in mainly as an illustration of comparable issues, and aren't meant to be part of the real question. The boot password was maybe a red herring - after all, her access to that machine is supervised and under my control.

    – Chris H
    6 hours ago
















Multiple devices - still true even if we restrict to immediate family (i.e. those who manage her devices). I will open that up to trusted (by me and her) adults who have complete physical access to her devices (e.g. grandparents). Restricting it beyond that is pointless paranoia and at odds with advice regarding a child's physical safety. Your blanket statement is still an unrealistic ideal - the days of "you must check in on a device capable of printing no more than 24 hours in advance" and similar stupid processes aren't completely gone.

– Chris H
7 hours ago





Multiple devices - still true even if we restrict to immediate family (i.e. those who manage her devices). I will open that up to trusted (by me and her) adults who have complete physical access to her devices (e.g. grandparents). Restricting it beyond that is pointless paranoia and at odds with advice regarding a child's physical safety. Your blanket statement is still an unrealistic ideal - the days of "you must check in on a device capable of printing no more than 24 hours in advance" and similar stupid processes aren't completely gone.

– Chris H
7 hours ago













"forgot password" is a nice idea, though for some services it still takes ages and I'm looking at ways of restricting her email so I review mystery senders. It doesn't (and neither does an online service) deal with the boot password for my desktop, on which she has her own account

– Chris H
7 hours ago





"forgot password" is a nice idea, though for some services it still takes ages and I'm looking at ways of restricting her email so I review mystery senders. It doesn't (and neither does an online service) deal with the boot password for my desktop, on which she has her own account

– Chris H
7 hours ago













You might need to edit your question to include the scope of the types of accounts you need to account for. Your example was for online services. If you include physical devices, then you are left with either simple memory, or alternate login options, which is beyond the scope of your desire for "password management".

– schroeder
6 hours ago





You might need to edit your question to include the scope of the types of accounts you need to account for. Your example was for online services. If you include physical devices, then you are left with either simple memory, or alternate login options, which is beyond the scope of your desire for "password management".

– schroeder
6 hours ago













I actually have a big problem with my child logging into her grandparent's devices. Just because they have full control of the devices my child does, does not make the grandparent's devices trusted, secure, or safe.

– schroeder
6 hours ago





I actually have a big problem with my child logging into her grandparent's devices. Just because they have full control of the devices my child does, does not make the grandparent's devices trusted, secure, or safe.

– schroeder
6 hours ago













I have mixed feelings. Without going into too much detail, some I trust as I would my own, but others - let's just say I haven't had to fix them for a while. The physical devices came in mainly as an illustration of comparable issues, and aren't meant to be part of the real question. The boot password was maybe a red herring - after all, her access to that machine is supervised and under my control.

– Chris H
6 hours ago





I have mixed feelings. Without going into too much detail, some I trust as I would my own, but others - let's just say I haven't had to fix them for a while. The physical devices came in mainly as an illustration of comparable issues, and aren't meant to be part of the real question. The boot password was maybe a red herring - after all, her access to that machine is supervised and under my control.

– Chris H
6 hours ago











1














Now i am not sure if i am right but i think teaching basic mnemonic techniques to kids seems like a wonderful idea to me.Its a skill that will help her lifelong and will also aid in avoiding writing down any passwords and low entropy password.Consider a 10 digit gibberish password such as 1kej@!lej2 .This could be easily remember if you just made up a story by using characters of the password.Schroeder's advice also seems good to be honest.You could also teach her in time "how to generate passwords with sufficient entropy" and use a password manager.Until then mnemonics should do fine for kids.They have a vivid imagination






share|improve this answer

























  • It's a nice idea, and works for a few passwords, but I can't remember more than a handful that way. It seems optimistic to expect this approach to last long given how many passwords people acquire.

    – Chris H
    7 hours ago






  • 1





    "Memorising a really strong master password is probably a bit much to ask".I was pretty much commenting on this one actually.But you are right trying to remember 30-35 tough password's even with mnemonics is rather tough/impossible.

    – Vipul Nair
    7 hours ago















1














Now i am not sure if i am right but i think teaching basic mnemonic techniques to kids seems like a wonderful idea to me.Its a skill that will help her lifelong and will also aid in avoiding writing down any passwords and low entropy password.Consider a 10 digit gibberish password such as 1kej@!lej2 .This could be easily remember if you just made up a story by using characters of the password.Schroeder's advice also seems good to be honest.You could also teach her in time "how to generate passwords with sufficient entropy" and use a password manager.Until then mnemonics should do fine for kids.They have a vivid imagination






share|improve this answer

























  • It's a nice idea, and works for a few passwords, but I can't remember more than a handful that way. It seems optimistic to expect this approach to last long given how many passwords people acquire.

    – Chris H
    7 hours ago






  • 1





    "Memorising a really strong master password is probably a bit much to ask".I was pretty much commenting on this one actually.But you are right trying to remember 30-35 tough password's even with mnemonics is rather tough/impossible.

    – Vipul Nair
    7 hours ago













1












1








1







Now i am not sure if i am right but i think teaching basic mnemonic techniques to kids seems like a wonderful idea to me.Its a skill that will help her lifelong and will also aid in avoiding writing down any passwords and low entropy password.Consider a 10 digit gibberish password such as 1kej@!lej2 .This could be easily remember if you just made up a story by using characters of the password.Schroeder's advice also seems good to be honest.You could also teach her in time "how to generate passwords with sufficient entropy" and use a password manager.Until then mnemonics should do fine for kids.They have a vivid imagination






share|improve this answer













Now i am not sure if i am right but i think teaching basic mnemonic techniques to kids seems like a wonderful idea to me.Its a skill that will help her lifelong and will also aid in avoiding writing down any passwords and low entropy password.Consider a 10 digit gibberish password such as 1kej@!lej2 .This could be easily remember if you just made up a story by using characters of the password.Schroeder's advice also seems good to be honest.You could also teach her in time "how to generate passwords with sufficient entropy" and use a password manager.Until then mnemonics should do fine for kids.They have a vivid imagination







share|improve this answer












share|improve this answer



share|improve this answer










answered 7 hours ago









Vipul NairVipul Nair

1,6071 gold badge5 silver badges17 bronze badges




1,6071 gold badge5 silver badges17 bronze badges















  • It's a nice idea, and works for a few passwords, but I can't remember more than a handful that way. It seems optimistic to expect this approach to last long given how many passwords people acquire.

    – Chris H
    7 hours ago






  • 1





    "Memorising a really strong master password is probably a bit much to ask".I was pretty much commenting on this one actually.But you are right trying to remember 30-35 tough password's even with mnemonics is rather tough/impossible.

    – Vipul Nair
    7 hours ago

















  • It's a nice idea, and works for a few passwords, but I can't remember more than a handful that way. It seems optimistic to expect this approach to last long given how many passwords people acquire.

    – Chris H
    7 hours ago






  • 1





    "Memorising a really strong master password is probably a bit much to ask".I was pretty much commenting on this one actually.But you are right trying to remember 30-35 tough password's even with mnemonics is rather tough/impossible.

    – Vipul Nair
    7 hours ago
















It's a nice idea, and works for a few passwords, but I can't remember more than a handful that way. It seems optimistic to expect this approach to last long given how many passwords people acquire.

– Chris H
7 hours ago





It's a nice idea, and works for a few passwords, but I can't remember more than a handful that way. It seems optimistic to expect this approach to last long given how many passwords people acquire.

– Chris H
7 hours ago




1




1





"Memorising a really strong master password is probably a bit much to ask".I was pretty much commenting on this one actually.But you are right trying to remember 30-35 tough password's even with mnemonics is rather tough/impossible.

– Vipul Nair
7 hours ago





"Memorising a really strong master password is probably a bit much to ask".I was pretty much commenting on this one actually.But you are right trying to remember 30-35 tough password's even with mnemonics is rather tough/impossible.

– Vipul Nair
7 hours ago

















draft saved

draft discarded
















































Thanks for contributing an answer to Information Security Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f214492%2fpassword-management-for-kids-whats-a-good-way-to-start%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

Canceling a color specificationRandomly assigning color to Graphics3D objects?Default color for Filling in Mathematica 9Coloring specific elements of sets with a prime modified order in an array plotHow to pick a color differing significantly from the colors already in a given color list?Detection of the text colorColor numbers based on their valueCan color schemes for use with ColorData include opacity specification?My dynamic color schemes

Invision Community Contents History See also References External links Navigation menuProprietaryinvisioncommunity.comIPS Community ForumsIPS Community Forumsthis blog entry"License Changes, IP.Board 3.4, and the Future""Interview -- Matt Mecham of Ibforums""CEO Invision Power Board, Matt Mecham Is a Liar, Thief!"IPB License Explanation 1.3, 1.3.1, 2.0, and 2.1ArchivedSecurity Fixes, Updates And Enhancements For IPB 1.3.1Archived"New Demo Accounts - Invision Power Services"the original"New Default Skin"the original"Invision Power Board 3.0.0 and Applications Released"the original"Archived copy"the original"Perpetual licenses being done away with""Release Notes - Invision Power Services""Introducing: IPS Community Suite 4!"Invision Community Release Notes

199年 目錄 大件事 到箇年出世嗰人 到箇年死嗰人 節慶、風俗習慣 導覽選單