Overview

As part of the Sustainable Computing Module at University, there was a task to deliver a artefact to promote good security practices online, working as a team with Kurtis, we created a well designed and comprehensive security walkthrough.

Motivation

Through the module Sustainable Computing we’ve learnt the impacts of making poor security decisions online, knowing people personally that are vulnerable to these type of targeted attacks, I proposed an online application that allowed users to get a quick overview of their own security - like a GP’s health check for your digital wellbeing.

To find which areas of security people felt they didn’t understand the most, we surveyed a sample of various age groups and used this to inform our decision. As can be seen in the image, our other project deliverables were a report on the project and a poster of key deliverable functions.

Tools Used

• Backend is a Node.js application with expressJS for the frontend.
• Authentication is passportJS with local authentication strategy
• Account details are managed through a MongoDB database, persisting user data and progress between sessions
• HaveIBeenPwned’s password breach API was used for breach lookups
• Bootstrap and AnimateJS on the front-end to give a good user experience.

Concluding

The project walks users through various stages of checking their security (see flow chart), firstly by using the HaveIBeenPwnedAPI, then taking the user through How Secure Is My Password which uses local JavaScript to give the user password tips (without sending it to us) and then informing users how to check what companies hold on them, an understanding of GDPR and links to download their own data.

The project was successfully in creating a deliverable that was intuitive, simplistic and portable (as it’s in the browser). I’m very pleased by our end product.