One important concept for all computing students to understand is security—both their own, and for the technologies and systems they might eventually develop. This open educational resource provides an assignment to introduce to students in an introductory programming class to a foundational security concept: password security. The assignment begins with a basic introduction to security as an important concept in computing, drawing from real world examples of security breaches with a focus on the importance of good password practices. It then explains password strength as a concept and has students use conditionals, logical operators, and for and while loops to code a password strength checker and simple password management system.
The lecture slides included with this assignment (described in the next section) introduce the importance of security in general as well as good password practices via current events. We recommend that instructors consider updating these slides to include more recent news items that students may be familiar with.
When asked for feedback on the assignment when implemented in a class at our university, some students wished that less time had been spent on the security concepts and more time on code, but others were excited to learn about passwords and security in general. One student even said that the experience made them excited to take a cybersecurity course. Instructors who are interested in encouraging students to dig in even more may assign some of the articles included here and in the lecture slides as readings.
Instructors might also consider adjusting the assignment itself to include more or less programming scaffolding depending on the pace of the class and the learning objectives for the students. For example, a way to make the assignment simpler would be to take out the password management system aspect, and have students implement singular functions (for example, the password strength checker); similarly, a way to make the assignment more complex would be to have students also write the main function that we included as started code.
Another option to adjust this assignment towards more creativity and collaborative work would be to lean even more into the password strength aspect and have students create their own versions of strength checkers and then try them out with each other. The “Password Game” (neal.fun/password- game) mentioned in the lecture slides might provide students with some inspiration.
A recent review of cybersecurity education literature revealed that only 31% of that literature includes any output that instructors could use [8]. However, openly available teaching resources are often a reason that instructors give for adopting responsible computing topics into their classroom [6], and therefore we hope this resource might serve as encouragement for instructors interested in this topic.
For references see the paper.
In recent years there has been increasing attention to the role that ethics and other aspects of responsible computing play in computing education, with calls to action to integrate these topics across computing curriculum and embed them into technical classes, often through programming assignments [4,5,6]. One of these topics not as frequently considered is security, which also is a topic that can be applied to all computing specializations [1], from user experience design to artificial intelligence. When President Obama created the National Initiative for Cybersecurity Education (NICE) in the U.S., the core idea was that an important resource for the fight against cyberthreats is people: “people who create the technologies that protect information and resources, people who can recognize cyberthreats and respond to them, and people who understand how to protect themselves and others in cyberspace” [7] Though security is often an elective for undergraduate computing students, it is a highly in demand specialization—but also it is something that any person would benefit from understanding.