This module opens with an introduction to common attacks on online accounts, and the need for two-factor authentication. It then moves on to a few activities having students investigate the security of their own passwords, and where they might set up two-factor authentication for their primary email provider. It closes with a discussion about risk mitigation.
This module intends to tee up a second conversation about password management, and slides about phishing and password stuffing can be reused for the password management discussion.
35-45 minutes
Understanding in concrete terms how likely attacks are executed in practice will help students focus their attention on the most common threats, and realistic ways to defend. Two-factor authentication is one of the most effective defenses against account break-ins. Chances are, your students are already familiar with it in some way — whether through their bank, hospital, or even your university's security requirements, so reiterating why this tactic is effective is key.
(Before class)
(After class)
Authentication, Part 1 (Google Slides)