
Protecting user credentials can keep your entire district afloat.
That’s why it’s imperative that you and everyone else at your district understands the importance of using strong passphrases.
“Passphrases?” you ask. “Is that the same as a password?” Not quite!
Passwords are typically composed of up to 10 letters, numbers, symbols, or combinations of these characters. Most people were taught to create strong passwords by substituting letters for numbers or symbols—for example, password, becomes p@ssw0rd. Tricky, right? Well, unfortunately, criminals know this game too, and even complex passwords with substitutions are relatively easy to crack for both humans and robots. Online criminals have also developed state-of-the-art hacking tools designed to crack even the most complicated passwords.
So now what? Insert the passphrase.
A passphrase is longer than a password and contains spaces between words. Here’s an example: “The road to success is always under construction!” (Approximate crack time: 223,966,385,786,166,380,000 centuries)
A passphrase can also contain numbers or symbols, such as: “The r0ad t0 succ3ss is always under c0nstruction!” (Approximate crack time: 9.460,961,044,053,363e+24 centuries)
Security professionals recommend ditching passwords in favor of passphrases. Here are a few reasons why:
- Passphrases are easier to remember.
- Passphrases are more difficult to crack.
- Passphrases are easily modified to satisfy complex passwords rules.
If you have trouble remembering multiple complicated passphrases, a password service can store your passphrases for you. That way, you only need to remember one (VERY strong, unguessable) passphrase.
Using strong passphrases is important, but there’s more you can do to keep your data safe. Whenever possible, elect multi-factor authentication (MFA) settings. MFA will send an approval message to your trusted device or email (or both) so you can approve or deny any attempts to log in. This extra step is an additional line of defense should your credentials fall into the wrong hands.
Speaking of—a hacker should never get lucky by simply being in the right place at the right time. Never leave credentials near your devices (including benign sticky note reminders under your keyboard). Inspect ports for new, unobtrusive dongles, which could be keyloggers—small USB devices which captures every letter you type, including your passwords. You can never be too careful when it comes to protecting your credentials.
Constant vigilance keeps districts from paying huge ransoms for precious data. Is it time to update your password?

Follow-up resource: Subscribe for more
WHAT'S NEXT FOR YOUR EDTECH? The right combo of tools & support retains staff and serves students better. We'd love to help. Visit skyward.com/get-started to learn more.
![]() |
Erin Werra Blogger, Researcher, and Edvocate |
Erin Werra is a content writer and strategist at Skyward’s Advancing K12 blog. Her writing about K12 edtech, data, security, social-emotional learning, and leadership has appeared in THE Journal, District Administration, eSchool News, and more. She enjoys puzzling over details to make K12 edtech info accessible for all. Outside of edtech, she’s waxing poetic about motherhood, personality traits, and self-growth.