This module opens with an introduction to common attacks on online accounts, and the need for two-factor authentication. It then moves on to a few activities having students investigate the security of their own passwords, and where they might set up two-factor authentication for their primary email provider. It closes with a discussion about risk mitigation.
This module intends to tee up a second conversation about password management, and slides about phishing and password stuffing can be reused for the password management discussion.
Understanding in concrete terms how likely attacks are executed in practice will help students focus their attention on the most common threats, and realistic ways to defend. Two-factor authentication is one of the most effective defenses against account break-ins. Chances are, your students are already familiar with it in some way — whether through their bank, hospital, or even your university's security requirements, so reiterating why this tactic is effective is key.