Online security for students
Tips & Tricks

Online security for students

The new school year is upon us. Last school year, online learning emerged as a new normal. Even as students return to in-person classes, expect online lear

The new school year is upon us. Last school year, online learning emerged as a new normal. Even as students return to in-person classes, expect online learning to continue to be a part of the mix. With this in mind, we asked our resident security expert for some tips that students can use to keep their stuff safe and secure online. 

Password management

Far too often password management goes by the wayside. Common complaints are that passwords are too hard to remember or password requirements are too complex. As a result, people will often end up creating a word document or a spreadsheet to keep all their passwords in order. While convenient, it’s anything but secure. There are various attacks that make word documents and spreadsheets vulnerable. In addition, any hack into your PC leaves your passwords vulnerable to exposure. 

The best course of action is to use a password protection manager (PPM). Think of a PPM as a digital vault that keeps all of the keys to the kingdom. There are many excellent ones out there including 1Password and LastPass. A PPM means you only need to remember one passphrase. This master passphrase must be both strong and memorable. More on that in a moment.

Be sure to update your PPM whenever updates or patches are released by the application developers.

Building a strong, memorable passphrase

A strong and memorable passphrase protects students across multiple digital mediums. That includes school portal logins, email, social media, laptops, and mobile devices. A strong passphrase also protects against brute force attacks. Brute force attacks use software to crack passwords. They can be surprisingly fast and effective. A strong passphrase is the best defense.

A strong passphrase is typically 18 characters or more. To achieve that benchmark but also create a passphrase they can remember, students can use a memory device such as: 

  • A line from their favourite song
  • Catch phrases or memorable quote
  • A tongue twister 
  • The title of their favourite book 

Avoid passphrases that include things like family member names (including pets), the dates of significant events like birthdays or anniversaries.

Enabling multi-factor authentication

Multi-factor authentication is an important extra layer of protection against brute force and other authentication-based attacks on social media accounts, a laptop or mobile device log in or anywhere else you log in with a passphrase. Even if a passphrase is compromised, multi-factor authentication can stop a hack in its tracks. 

The most commonly used form of multi-factor authentication is Two-Factor (2FA for short) and usually is a combination of two of the following:

  • something you know (your passphrase), 
  • something you have (e.g.; a one time password using Google Authenticator, Windows Authenticator or DUO)
  • Or something you are (biometrics - a fingerprint for example)

The right combination is determined by the user’s comfort level, security needs, or what is available on the platform or application they are using. What is most important is to remember there are no wrong combinations of 2FA. All are valid. The important takeaway is to use 2FA wherever possible.

Mobile device security

For parents, monitoring a child’s screen time is important, as is having a conversation about what applications they’re using and in what manner they are being used. Discussing social engineering techniques (tricking people into sharing sensitive information) and the advice to not trust anyone they meet on the internet with personal or sensitive data are also key. 

From a security perspective, it is important to know what applications are downloaded on your child’s laptop or mobile device so you can keep an ear out for data breaches, vulnerabilities and exploits against these apps.

As a mobile security rule of thumb, always update applications whenever security updates are released and (I can’t stress this enough) delete any unused applications or infrequently used applications on your own and your child’s mobile device. 

Unused or out-of-date applications are vulnerable to exploitation by hackers and can put any data stored on the device at risk. In some cases, these outdated applications can even be used as spyware to track, listen in, and collect data on both adults and children. 

On iOS devices, screen time can be monitored by the native Screen Time app, which lets you know how much time you and your kids spend on apps, websites, and more. This way, you can make more informed decisions about you and your family’s device usage, and set limits if you'd like to. In addition, both Apple and Android devices have parental controls that can be applied to your child’s mobile device either through the Settings app or the Google Play store, respectively. 

Online protection

Finally, the Ting team would like to share a few best practices to help parents protect themselves and their children online. 

The best way is to go straight to the source: your home router. Your home router/modem is your gateway to the internet. Everything that you receive and send out into the world passes through it and securing your router secures your whole network. 

The Ting Internet Router can block anyone on the network from accessing undesired sites. You can separate networks for your guests and even explicitly allow only specific devices to connect. 

Many security features pertain to Wi-Fi on your Ting Internet Router. It’s a great idea for parents to familiarize themselves with and enable these security features to protect themselves and their families:

  1. Encryption - Under wireless setting, enable the strongest form of encryption currently available; WPA2-PSK (AES)
  2. DoS Prevention -  under the security settings, enable Dos Attack prevention for added layer of protection against availability attacks
  3. Parental Control - under security settings, go to Parental Control and choose "enable". From here, parents can set Parental Control Policies (PCP) on their routers and apply which connected devices to apply the policies to.
    Policy features include internet access scheduling, Site/URL blacklisting or whitelisting, service or port management (eg. P2P, HTTPS, etc.), block or allow URLs by keywords, and more. 
  4. Admin and Wi-Fi password reconfiguration - Upon initial setup, you’ll be prompted to change the administrative password for your router. This is simply to log into the router and doesn’t affect your W-iFi password. It is highly recommended to go into the WAN management page and change the default name that is displayed (SSID) and the password (pre-shared key).

To make security adjustments to your Ting home router, log in using the gateway IP and credentials stated on the sticker to the back. Type in your browser's address bar. This will open the router's login screen. Additional information can be found on the Ting Internet site or the Zyxel router manufacturer's site and in its parental control help article.

Sign up for our newsletter!

Be the first to know about news and special offers.