Level 2 - Password Cracking Simulation

PASSWORD CRACKING SIMULATION

Lesson 2 of 5

~7 hrs

WARMUP: Guess the Password Game

Think of a 4-digit PIN. How many guesses would it take someone to crack it if they started at 0000 and tried every combination? That's 10,000 possibilities — but a computer can test them in milliseconds!

4 digits = 10⁴ = 10,000 combinations

CORE CONCEPTS

A brute force attack tries every possible combination until it finds the right one. Python is perfect for automating this.

def brute_force_pin(target):
    for i in range(10000):
        attempt = str(i).zfill(4)
        if attempt == target:
            return f"Cracked! PIN is {attempt}"
    return "Not found"

print(brute_force_pin("5732"))
                            

MINI CHALLENGE: Crack the 3-Digit PIN

How fast can your Python script find a 3-digit PIN? Only 1,000 combinations to check!

# Your mission: write a brute-force function
# that finds any 3-digit PIN (000-999)
# Time yourself — can you do it under 1 second?
                        

Extension: Add a counter to show how many attempts it took.

MAIN PROJECT: Password Strength Checker

Build a Python algorithm that evaluates password strength based on length, character variety, and common patterns.

Check password length (min 8, ideal 12+)

Detect uppercase, lowercase, numbers, symbols

Check against a list of common passwords

Output: Weak / Moderate / Strong rating

QUIZ: Password Security

Test your knowledge of password cracking and defense.

1. What attack tries every possible combination?

Brute force

Dictionary attack

Phishing

2. Which password has the highest entropy?

abc123

password

k#7G!pQ9

3. What is the main advantage of a dictionary attack over brute force?

It's more accurate

It's much faster

It works offline