Stop Blaming People for Bad Passwords

ESL news-based lesson plan

Lesson Overview

This ESL lesson plan on cyber security and information security has been designed for adults and young adults at an intermediate (B1/B2); however, it can be used as a refresher lesson with students up to advanced (C1/C2) level and should last around 90 minutes for one student.

This lesson will help ESL learners become more knowledgeable and informed about online security and better equipped to protect themselves from threats.

This article-based lesson will enhance the student’s speaking and reading skills and critical understanding of passwords working on-site. The lesson also includes a section dedicated to Graph analysis, an essential skill necessary in the workplace and for students preparing for exams such as the IELTS. The students will also be able to discuss the importance of websites implementing stronger protocols to encourage better password choices.

The lesson resource includes a pdf student’s worksheet, a pdf teacher’s lesson plan and Interactive lesson slides in a PowerPoint format. Each PPT contains everything in the pdf worksheet and the teacher’s lesson plan.

The worksheets and the PowerPoint can be used for in-person classes or if you are teaching online. Interactive lesson slides are compatible with Zoom, Big Blue Button, Teams or similar platforms.



This ESL lesson can be used with students who need to learn specific English language vocabulary and language structure relating to cyber security and information security, such as online business creators and website developers, and university students studying a programme that requires such knowledge. It can also be used as part of a general English course to expose students to the importance of password protection, especially during Cybersecurity Awareness Month.

The main point of this article-based lesson is that the popularity of weak passwords remains a significant problem despite years of warnings and advice to create stronger passwords.

Through this article lesson, ESL students will learn that the responsibility for improving password security should be shifted from users to websites. The students will also learn services that should take a more proactive role in enforcing better “cyber hygiene”.

Students will also have an opportunity to discuss what websites can do to improve password security. Suggestions include implementing stronger protocols to filter out poor passwords, using blacklists of common weak choices, and providing guidance to users without insisting on outdated password complexity requirements. The lesson also highlights the importance of password security for protecting personal data and minimizing opportunities for attackers to exploit system weaknesses.

This is because longer passwords are more resistant, and less complex passwords can be easier to remember. However, weak passwords leave many people vulnerable to hackers, so the provider should minimize these opportunities and protect other people’s data.


Students are also presented with an exercise on interpreting graphs and charts. The chart is directly related to the article they will read and will allow the students to reuse the vocabulary they have learned.
For this exercise, students are provided with sentence starters that not only help to scaffold their interpretation of graphs but also provide the necessary vocabulary in English to help them express themselves. The students are also expected to summarise the chart, a key skill and exercise present in exams such as the IELTS.

For each graph, students are asked a series of questions where they have to describe the features of the graph. Questions and discussions related to the chart are designed to allow students to:
know how to interpret graphs
to elicit key information
extract the basic information
draw conclusions
compare and contrast and
provide recommendations.

Language-focus activities centre around the topic of cybersecurity and allows students to:
• Learn new vocabulary and keywords through matching exercises
• Improve their vocabulary related to cybersecurity and online safety.
• Understand how to reformulate information to avoid repetition by transforming adjectives into nouns and nouns into adjectives
• Participate in a cyber security role play plus debate exercises to enable students to reuse and practice language structure and vocabulary learnt throughout the lesson.
• Gain knowledge of best practices for creating strong passwords and the importance of using them.
• Understanding of how to speak about charts and data related to cybersecurity and online safety.

Exercises on language function and grammar related to this lesson can be assigned to students at home if they cannot be completed during class.

Through this article lesson, students will aim to improve fluency, accuracy and range of tech-based terminology at the workplace rather than to master basic aspects of the English language. Students will learn tech-based vocabulary, phrases such as “brute force cracking”, and expressions related to cybersecurity, password security, and internet safety while learning how to the risk of choosing bad passwords.

Our ESL topic bundle includes lessons that can offer continuity on a particular theme. The following ten ESL Lessons will provide material for a one-semester course. The stress is placed on helping students master essential vocabulary and terminology on the subject matter, which is introduced via authentic listening practices or reading comprehension exercises, depending on the focus of each lesson.

ESL Students are encouraged to learn the meaning of new words in context. In addition, language structure is also a key part of each lesson and is directly linked to the lesson’s content.

Quick Info

Lesson Includes

Leave a Reply