Web Security for Students
Passwords, phishing, HTTPS, cookies, 2FA. 5 short tasks documented in text files — no hacking, just knowledge.
Stay safe online
Web security & media literacy
This module is not about hacking but about knowledge everyone needs online: strong passwords, recognising phishing, understanding HTTPS, cookies and two-factor authentication. You document your understanding in short texts — training the media literacy anchored in the curriculum.
What it covers
- Password security: what really makes a password strong.
- Phishing: fraudulent messages trying to steal credentials.
- HTTPS: encrypted connection — how to recognise it and why it protects.
- Cookies: small files websites store in the browser.
- 2FA: a second factor in addition to the password.
Write your answers into text files under
/home/student/sicherheit/(mkdir -p /home/student/sicherheit). Phrase it in your own words — the more thorough, the better.
Your goal
You explain five central security concepts clearly in your own words.
Exercises
1. What makes a strong password?
Topic: strong passwords. A strong password is long (at least 12 characters), unique (a different one per service) and ideally random (password manager). Length beats complexity.
Explain in
/home/student/sicherheit/passwort.txtthoroughly (at least a few sentences) what makes a password strong and why you should use a separate one for each service. Example to create it:mkdir -p /home/student/sicherheit nano /home/student/sicherheit/passwort.txtCheck:
passwort.txtcontains a thorough text (at least ~80 characters).2. Spot phishing
Topic: recognising phishing. Phishing are fake messages (email/SMS) luring you to a cloned site to steal passwords. Warning signs: a fake sender, an urgent tone ("act urgently!"), suspicious links/URLs.
Explain in
/home/student/sicherheit/phishing.txthow to recognise phishing — covering at least the sender and the link/URL (or the urgent tone).Check:
phishing.txtnames at least two signs (e.g. sender, link/URL, urgent tone).3. Why HTTPS matters
Topic: why HTTPS matters. HTTPS encrypts the connection between browser and server (lock symbol in the address bar). Without HTTPS someone on the same network could eavesdrop — e.g. on passwords.
Explain in
/home/student/sicherheit/https.txtwhat HTTPS does — mention that it encrypts (or the lock symbol).Check:
https.txtmentionshttpsand the encryption (or the lock symbol).4. What are cookies?
Topic: what are cookies? Cookies are small files websites store in the browser — e.g. to keep you logged in or remember settings. But some also serve tracking (following you across sites).
Explain in
/home/student/sicherheit/cookies.txtthoroughly what cookies are, what they are useful for, and why tracking cookies are viewed critically.Check:
cookies.txtcontains a thorough text (at least ~100 characters).5. Two-Factor Authentication (2FA)
Topic: two-factor authentication (2FA). 2FA requires, in addition to the password, a second factor — something you have: a code via app (authenticator), via SMS or a hardware token. Even if someone knows your password, they cannot get in without the second factor.
Explain in
/home/student/sicherheit/zfa.txtwhat 2FA is — name at least two examples of second factors (e.g. app, SMS, hardware token).Check:
zfa.txtnames at least two factor types (e.g. app, SMS, hardware/token).
Related courses
Now practice it yourself
Reading is good – doing is better. Start this course on a real Linux VM, right in your browser. A free account is all it takes.
Start for freeLab content under CC BY 4.0 – free to use with attribution (© TechLogia).
