Computing · Year 9

Active learning ideas

Encryption and Passwords

Active learning helps Year 9 students grasp encryption and password security because abstract concepts become concrete when they manipulate, test, and debate them. Hands-on activities build intuition about why longer isn’t always better, why encryption isn’t unbreakable, and why personal details weaken passwords.

National Curriculum Attainment TargetsKS3: Computing - CybersecurityKS3: Computing - Online Safety
20–45 minPairs → Whole Class4 activities

Activity 01

Collaborative Problem-Solving30 min · Pairs

Pair Work: Cipher Encoding Challenge

Pairs create a Caesar cipher wheel from paper plates and encode secret messages for each other to decode. Swap roles after 10 minutes and discuss errors. Extend by trying Vigenère ciphers with keywords.

Explain how encryption protects data confidentiality.

Facilitation TipDuring the Pair Work: Cipher Encoding Challenge, circulate and ask each pair to explain their encoding step to you before moving on to decoding, ensuring they understand the shift process.

What to look forPresent students with three password examples (e.g., 'password123', 'MyDogFluffy!', 'Tr@v3l!ng_2_L0nd0n'). Ask them to identify the strongest and weakest password, explaining their reasoning based on length, character types, and predictability.

ApplyAnalyzeEvaluateCreateRelationship SkillsDecision-MakingSelf-Management
Generate Complete Lesson

Activity 02

Collaborative Problem-Solving45 min · Small Groups

Small Groups: Password Cracking Simulation

Groups receive lists of weak and strong passwords, then use dictionaries and common patterns to 'crack' the weak ones. Rate effectiveness on a class chart. Debrief on why complexity matters.

Design a strong password strategy that balances security and memorability.

Facilitation TipIn the Small Groups: Password Cracking Simulation, assign one student per group to act as the 'hacker' and another as the 'defender' to keep roles clear and engagement high.

What to look forOn an index card, have students write: 1) One reason why using the same password for multiple accounts is a security risk. 2) One characteristic of a strong password they will implement in their own accounts.

ApplyAnalyzeEvaluateCreateRelationship SkillsDecision-MakingSelf-Management
Generate Complete Lesson

Activity 03

Collaborative Problem-Solving40 min · Whole Class

Whole Class: Policy Debate Carousel

Post four password policies around the room (e.g., length rules, reuse bans). Students rotate, note pros/cons on sticky notes, then vote on the best. Facilitate a full-class discussion.

Evaluate the effectiveness of different password policies in preventing unauthorized access.

Facilitation TipFor the Whole Class: Policy Debate Carousel, provide a visible timer for each station to maintain momentum and prevent groups from over-analyzing at the expense of others' time.

What to look forFacilitate a class discussion using the prompt: 'Imagine a company implements a policy requiring all employees to change their password every 30 days and use a 15-character passphrase. What are the potential benefits and drawbacks of this policy for both the company and the employees?'

ApplyAnalyzeEvaluateCreateRelationship SkillsDecision-MakingSelf-Management
Generate Complete Lesson

Activity 04

Collaborative Problem-Solving20 min · Individual

Individual: Personal Strategy Design

Students audit their own passwords, then design three new ones using passphrase techniques. Test memorability by writing from memory after 5 minutes. Share anonymized examples.

Explain how encryption protects data confidentiality.

What to look forPresent students with three password examples (e.g., 'password123', 'MyDogFluffy!', 'Tr@v3l!ng_2_L0nd0n'). Ask them to identify the strongest and weakest password, explaining their reasoning based on length, character types, and predictability.

ApplyAnalyzeEvaluateCreateRelationship SkillsDecision-MakingSelf-Management
Generate Complete Lesson

A few notes on teaching this unit

Teach encryption by starting with what students already know—secret codes from childhood—then gradually introduce complexity. Avoid overwhelming them with math by focusing on the practical impact of weak vs. strong methods. Research shows that when students experience both the creation and breaking of simple ciphers, they grasp why modern encryption relies on large keys and strong algorithms. Emphasize that security is about trade-offs, not perfection, and that human behavior is often the weakest link.

By the end of these activities, students will confidently explain why 'password123' fails despite its length, demonstrate how a Caesar cipher encodes and decodes messages, and design a personal password strategy that balances security and memorability. Success is visible in their discussions, decoded messages, and written defenses of their choices.

Watch Out for These Misconceptions

  • During Pair Work: Cipher Encoding Challenge, listen for students to claim that a password like 'IloveSummer2024!' is secure because it is long and contains symbols.

    Use the Caesar cipher pairs to redirect this misconception: ask students to consider how easily a computer could guess 'summer' or 'love' by testing common words, then compare cracking times for random vs. dictionary-based ciphers.

  • During Small Groups: Password Cracking Simulation, expect students to believe that any encrypted message can be broken with enough time.

    After the simulation, have students compare the time taken to crack a 3-letter vs. a 26-letter key cipher, then discuss how modern encryption (e.g., AES-256) uses keys too large to brute-force even with supercomputers.

  • During Whole Class: Policy Debate Carousel, listen for students to argue that including personal details like a pet’s name makes a password stronger because it is memorable.

    Use the role-play guessing game from the carousel to expose this: have students attempt to guess passwords based on publicly available personal details, then reflect on how social media undermines such choices.

Methods used in this brief

More in Networks and Cybersecurity

Introduction to Computer Networks

Students will define what a computer network is and identify its basic components and benefits.

2 methodologies

LANs and WANs

Students will differentiate between Local Area Networks (LANs) and Wide Area Networks (WANs).

2 methodologies

Network Hardware: Routers, Switches, Hubs

Students will identify and explain the function of common network hardware components.

2 methodologies

Network Topologies

Students will compare Star, Mesh, and Bus network topologies, evaluating their pros and cons.

3 methodologies

Network Protocols: TCP/IP

Students will understand the role of protocols like TCP/IP in ensuring reliable data transmission.

2 methodologies