When we started development on the second game after winning the game jam (See post) we decided that each of the six cyber security messages should be its own quest:

  • How to create a strong password and why it's important
    This quest was a multiple choice game in which the player had to select the strongest password from a list. If they chose a weak password a message would pop up about why that wasn't a great choice for a password.
  • Why it is a bad idea to share your password with others
    This was in the style of a 'murder mystery logic puzzle' type game. The premise was that somoene had posted to the quest-giver's Facebook without her permission, and because she had told someone else her password and they had shared it with other people, there were five suspects. The puzzle was that each person would tell one truth and one lie whenever they spoke, and the player had to deduce who the culprit was using that information.
  • The potential dangers of unknown USB sticks
    For this quest, the player controlled a computer and they had to use the movement to dodge the incoming USB sticks which contained malware for as long as possible.
  • Why it's a bad idea to input sensitive information into a public PC
    In this quest several people had left public PCs logged into their online bank accounts and the player had to log them out before someone stole their information. The player controlled a mouse cursor and had to navigate several mazes to reach the log-out button.
  • How to identify Phishing spam
    The quest was similar to a hazard perception test in a driving theory test, an e-mail would be typed on the screen, and the player would have to press the button every time something appeared that suggested that the e-mail was irreputable. For example the player would get a point if they clicked when the sender was shown to be HMRC@gov-ment.uk
  • The importance of using encryption to send important data online
    In this quest the player had to catch the correct letter that came up in the sequence whilst avoiding the others.


Arcade Machine


For Cyber Security Week we formatted the game to work on an arcade machine, which we presented for people to play as they passed through the building.
Making the game playable on the arcade machine didn’t prove too difficult, as whoever had built the machine had set it up to send the same inputs as an xbox controller, so we could test it out without having to put it into the machine every time.
One of the most important things I learned that week is that if games are being presented to the public, they should be set up in such a way that people can jump into and out of the game without needing to make any kind of time commitment. We noticed that most people who played our game were doing so to pass the time before a lecture or waiting for food to be prepared, so most people would need to leave mid-game. In future if I am presenting a game to the public I plan to have a system that will return the game to the default menu if it doesn’t recieve any input for a set amount of time, as well as something to tell a player how they’re doing in the game no matter when they choose to leave.