Activity Handout: Strong Passwords & MFA
Name: _____ Date: _____
This handout supports Cybersecurity Merit Badge requirement 5(c) items about passwords, MFA, and system security.
Part 1 – Strong Passwords
-
Write down three weak passwords someone might use (do not use your real passwords).
-
Weak password 1: _______
- Weak password 2: _______
-
Weak password 3: _______
-
For each weak password above, rewrite it as a stronger password or passphrase (do not use a real password you plan to use; these are examples only).
-
Stronger version 1: __________
- Stronger version 2: __________
-
Stronger version 3: __________
-
Checklist – What makes a strong password? Mark the ones you used:
-
[ ] Long (at least 12–16 characters)
- [ ] Mix of letters, numbers, and symbols
- [ ] Not based on your name, birthday, or username
- [ ] Not reused on multiple sites
- [ ] Easy for you to remember, hard for others to guess (passphrase)
Part 2 – Multi-Factor Authentication (MFA)
With a parent/guardian and your counselor’s guidance, turn on MFA for at least one account (email, gaming, school, etc.).
Account (type only, not full address): _____
MFA method used (app, text, hardware key, etc.): ____
Questions
- Why does MFA improve security?
- What would an attacker need besides your password to get in?
Part 3 – Password Manager (Optional Extension)
If allowed, install or explore a password manager (with a parent/guardian).
- Name of password manager: _________
- One benefit of using a password manager:
Counselor Sign-Off Notes
Use this area to record what the Scout demonstrated (changing a password, enabling MFA, explaining how it works, etc.).