Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

The Power of Passwords

Just like you use a physical key to unlock your front door, you use a password to unlock your digital accounts. But some keys are much stronger than others!

What is a Password?

A password is a secret word, phrase, or combination of characters that proves you are who you say you are. Think of it as the secret handshake that lets you into a special club — except this club is your email, your favorite game, or your school’s website.

Every time you log in to an account, the computer asks, “Who are you?” You tell it your username, and then it asks, “Prove it!” That’s when you type your password. If the password matches what the computer has stored for you, the door opens and you get access.

What is a Strong Password?

A strong password is one that’s hard for a computer or a person to guess. The very best passwords are completely random — they don’t contain any words, names, or patterns that a person or a computer could predict.

For example, a password like P@ssw0rd123! might look strong because it has symbols and numbers, but it is actually weak because it follows a pattern (a common word with simple changes) that hackers are programmed to try first. A truly random password like xK9#mP2$vLqR4! is much better because there is no pattern at all.

The best passwords are:

  • Totally random — no words, names, or dates
  • At least 16 characters long — the longer, the better
  • Full of mixed characters — uppercase, lowercase, numbers, and symbols

A modern computer can try billions of guesses per second. A short or predictable password can be cracked in seconds, but a long, random password would take millions of years for even the fastest supercomputer to figure out.

How Passwords Get Stolen

You might wonder, “Why does anyone care about my password?” The truth is, bad actors called hackers try to steal passwords so they can pretend to be you. Here are a few ways they do it:

  • Guessing: If your password is something simple like monkey or football, a hacker can use a program that tries millions of common words in just a few seconds. This is called a dictionary attack.
  • Tricking you: Sometimes hackers send fake emails or messages that look like they are from a real company. They might say, “Click here to fix your account,” and when you do, they steal your password. This trick is called phishing — like “fishing” for your information!
  • Data breaches: Even if your password is strong, sometimes a company’s computers get broken into and passwords are stolen. That is why using different passwords for different accounts is so important.

How to Manage Your Passwords

If the best passwords are long and completely random, how can anyone remember them? The honest answer is: you shouldn’t try to!

The human brain is great at remembering stories and faces, but it is terrible at remembering strings of random letters and numbers. That is why the safest way to handle passwords is to use a password manager.

A password manager is a special, secure app that acts like a locked safe for all your passwords. You only need to remember one strong master password to open the manager, and the app remembers everything else for you. It can even create brand-new, perfectly random passwords for you whenever you sign up for a new account.

Using a password manager means:

  • Every account gets its own long, random password
  • You never have to reuse the same password twice
  • You don’t have to write passwords down on paper where someone might find them
  • You only need to remember one master password

Think of a password manager like a trusted bodyguard that remembers all your secret codes so you don’t have to.

Protecting Your Digital Life

You should use a different password for every single account you have. That way, if someone finds out your password for one account, they can’t get into any of your other ones! It’s like having a different key for your house, your car, and your bike lock.

Imagine you used the same key for everything. If you lost that key, a stranger could open your house, drive your car, and steal your bike. Using unique passwords keeps your other accounts safe even if one password leaks out.

Who Can You Trust With Your Password?

The short answer is: almost no one!

Even your best friend should not know your passwords. If you tell a friend your password, you no longer control who else might find out. They might accidentally tell someone, or someone might look over their shoulder.

The only people who should ever know your passwords are your parents or guardians, especially if they need to help you stay safe online. Even then, it is a good idea to keep passwords in your password manager or write them down and keep them in a secure place rather than texting them.

Multi-Factor Authentication (MFA)

Many websites now offer something called Multi-Factor Authentication or “Two-Step Verification.” This is like having a second lock on your door. Even if someone guesses your password, they still can’t get into your account without a second piece of information, like a code sent to your phone.

Think of it like an ATM: you need your bank card (something you have) and your PIN (something you know). MFA works the same way. You might need your password and a code from an app on your phone. It adds an extra layer of protection, and you should turn it on whenever a website offers it.


Did you know?

  • Common Passwords: The most common password in the world is still “123456.” If you use this, a computer can guess it in less than a second!
  • Password Managers: Because it’s hard to remember so many different passwords, many people use a “Password Manager.” This is a secure app that remembers all your passwords for you so you only have to remember one “master” password!
  • Biometrics: Your fingerprint or your face can also be used as a password! This is called “biometrics,” and it’s a very secure way to lock your phone or computer.
  • Supercomputer Challenge: A 20-character password made of completely random characters would take a supercomputer millions of years to crack!

Check Your Knowledge

  1. What makes a password “strong”?
  2. Why should you use a different password for every account?
  3. What is “Multi-Factor Authentication”?
  4. Why is a password like “123456” a bad choice?
  5. How can a “Password Manager” help you stay safe online?