I wrote my Ph.D. thesis on hacktivism: politically-motivated computer hacking. Interviewing fifty politically engaged computer hackers turned out to be great preparation for running a business that built nonprofit online communities, because I really know how to speak with progressive programmers.

But it’s proven even more useful to my work as a mother. As luck, karma or genetics would have it, I have ended up producing a child I think of as my baby hacker. My 9-year-old son, who I call Peanut, managed his first exploit at age 5: that’s when he figured out that he could get around all the parental restrictions on our iPad by turning automatic downloads back on. It was the one setting that didn’t require a password, and it meant that all the games we’d deleted from the iPad (because Peanut wouldn’t stop playing them) suddenly reappeared. Bravo, baby hacker!

The four years since have been a classic arms race that will be familiar to anyone who has ever worked in I.T. security: no sooner do you secure a system than the hackers figure out a new way in. This battle inspired my article for the Wall Street Journal, which showed that we’re far from the only parents struggling to keep their kids’ online behavior in check.

Still, you keep trying. The relentless creativity that allows Peanut to get around our tech limits may eventually serve him well in a technology career, but meanwhile, it’s my job to ensure that his constant pursuit of YouTube doesn’t get in the way of little things like eating, sleeping and going to school.

If you’ve got the kind of kid who actually complies with the limits you set down verbally or in writing, this may not be an issue for you. But if you’ve got the kind of kid who’s constantly pushing limits, setting up technical restrictions on your household technologies can make life a lot easier for you and your kid. Peanut has told me that he much prefers having our various devices locked down (along with our household candy supply): it takes a lot of emotional energy for him to “be good”, as he puts it, and our various systems of parental restrictions lessen the burden of temptation.

Since I’m a geek with a smart little guy who has challenged me to come up with an ever more robust set of technical restrictions, I’ve figured out some secrets to keeping devices locked down. Here are some of my best tips:

Live within a single ecosystem. Ideologically, I sympathize with those friends who have liberated themselves from Apple’s hegemony by switching to Linux PCs or Android phones. But it is MUCH easier to keep all your household devices locked down if you are working within a single ecosystem, or limited to one or two operating systems. I know a heck of a lot about parental restrictions on Macs and iOS devices; figuring out how to lock down a PC or Android phone would add a lot of complexity to that effort.

Use OpenDNS to block problematic sites. If your kids consistently access verboten websites (in our case, YouTube, Lego.com and Steam are the big problems), it’s easier to block those from the entire network than to set up parental restrictions on each computer. For $20 a year, the OpenDNS Family VIP program lets you block specific sites from your home network. It can take a bit of fiddling to block the sites you want to block without blocking sites you need to access (for example, blocking YouTube without disabling Google login), but it’s easy to experiment with settings until you’ve got the right setup for your family.

Use passwords to control mobile devices. Even with OpenDNS in place, your kids may still access blocked sites by switching off wifi on your mobile devices, and accessing those sites through your mobile network instead. This is a recipe for INSANE data bills if, hypothetically, your son wakes up at 2 am and watches YouTube videos via mobile data until you get up at 8 and catch him. So keep all your mobile devices password protected, and only allow your kids to use those devices if they’re in the same room with you and you can see their screen.

Avoid password circumvention. When I was researching my WSJ article I heard from a few parents whose kids got around password restrictions by adding their own thumbprints to the list of authorized “unlock” prints on the iPhone. My iPhone requires a password before it will let me add a new fingerprint, but it’s still a good idea to periodically glance at your list of prints and make sure another one hasn’t spontaneously appeared. Also, make sure you always lock your phone when you put it down: if Peanut wakes up in the middle of the night, he often requests an audiobook to help him fall back asleep…but if we forget to re-lock the phone, he’ll wait until we’re asleep and use the phone to watch YouTube videos.

Set time limits, not site limits, on individual computers. Using Apple’s parental controls to block sites on my son’s computer rendered the computer unusable: there are so many 3rd party utilities built into every website that I was constantly authorizing additional URLs. Instead, I use time limits to specific when his computer can and can’t be used. On weekdays, he can only log in between 4 and 7 pm; on the weekends, he can login at 6 am (any earlier, and he won’t get a good night’s sleep…and later, and he’ll wake us up to pester for his computer.)

Use user accounts to limit access to specific applications. I’ve yet to find a Mac utility that lets me block specific applications at specific times?—?so I couldn’t find a way to limit my daughter’s Minecraft usage to weekends only. Instead, I set up a second account on her Mac: her weekday account uses parental controls to block access to Minecraft, and her weekend account (which she can only log into on Saturdays and Sundays) allows Minecraft.

Organize mobile apps into folders to limit access. For a time, we sent Peanut to school with an iPad he could use for schoolwork?—?but surprise surprise, he used it to play Angry Birds in class. While there seem to be plenty of app-locking options for Android, locking entire folders of apps on your iOS device requires jailbreaking?—?essentially, liberating your device from some of the restrictions Apple imposes. If you’re up for jailbreaking your iPhone or iPad, you can use an app like LockdownPro to put a password on specific apps or folders. My solution was to jailbreak the iPad (actually not that difficult) and to organize “in school” and “after school” apps into different folders; the “after school” folder had a password I would enter only after a successful day at school.

Lock up your consoles. If you have videogame consoles, there are a few options for keeping those locked up. One option is to use the parental restrictions password for each console, but if you have the kind of kid who will phish the console password by texting you from his grandmother’s phone (again, hypothetically) you may do better with physical locks. We keep our consoles in a locked closet, because if we hide them, we tend to forget where we hid them (we lost our Playstation for 18 months, I kid you not). Another option I’ve considered is this fab-looking timed lockbox: if we kept our game controllers in here, Peanut wouldn’t be able to pester for game time, because the controllers would be inaccessible to us, too. I’m also intrigued by this kind of device, which locks the power on the console itself. For a fancier option (which I’m now lusting after), try the Token Timer, which lets the kids earn their game access.

Kill 1-click purchasing. How much money did you spend on Garfield books this year? If it was less than a thousand dollars, you are ahead of us! Thanks to Amazon’s 1-click purchasing, Peanut purchased dozens of Garfield books?—?some on Kindle, and some on paper. Amazon helped me reverse a bunch of those Kindle purchases (if you go to your digital orders page within 7 days of purchase, you can cancel any Kindle purchase), but the problem kept recurring…because even after turning off 1-click purchasing, and turning on parental restrictions on the Kindle, we accidentally turned 1-click back on. We access Amazon from so many different devices, and every time you login, it prompts you to turn on 1-click purchasing?—?and you only have to slip up once. Finally, I hit upon a foolproof solution: I have a totally fake, invalid credit card set as our 1-click default on Amazon. Yes, I have to remember to switch the credit card every time I make a deliberate purchase, but Peanut has stopped buying Garfield books!

Have fewer devices. This is definitely a “do as I say, not as I do” tip, but it’s worth keeping in mind. One of the reasons it’s so incredibly hard for me to keep Peanut’s tech usage under control is because there is a device on nearly every surface or wall of our house. More devices equals more things to keep locked up or restricted. So if your household is somehow able to make do with fewer than nine computers, seven iOS devices and three gaming consoles, your task will be easier than mine.

Keeping Peanut locked out of the endless temptations in our home is obviously a work in progress. I’ll add future hacks as we figure them out. And meanwhile, I’d welcome your suggestions, too!