Skip to main content
Information Systems Department
Discover IS

Cyber Security

Over the past two decades technology has become an increasingly important aspect of everyone’s lives.

In the Information Systems program, you will have the opportunity to learn about some of the risks/benefits associated with having technology. You will learn common vulnerabilities companies and individuals are exposed to daily because of technology.

The tabs below provide try-it-out exercises to help you become familiar with some of the information you will learn in the information systems program.

WARNING!!! Do not perform any of these try-it-out games anywhere outside of this webpage without written permission of the owner of the system, device, or network you are attempting to use them on. Doing so may have legal ramifications for you.

All try-it-out excercises on this page are inteded for education purposes. Your use of this information acknowledges that you understand that BYU is not responsible for any damages incured by using this informaton outside of this website.

Website Security
Password Security
Website Security
The following exercise will expose you to one of the most common website vulnerabilities found on the internet, SQL injection.

What is SQL Injection? SQL or Structured Query Language is used to access information found in database systems. When a website does not handle user input properly, malicious attackers can use SQL commands to access information inside of the website's database. This is called a SQL injection attack.

Cool, now what do I do? The text box below is designed to show you how dangerous a SQL injection attack can be. For this exercise, the input field below accepts the first name of a user. If the user exists, it will output that user's name, and address. However, it does not handle this request correctly. Try typing the name "David" and pressing enter.

Try two other names for a hint of how you can make it display all users in the database. And don't worry, this input field does not actually connect to a database. So, you can't break it.

Type: "d or 1=1"
What's going on here?
The text field above submits what ever you type into directly to a SQL query that looks something like the following

Example Query
SELECT name,address
FROM Users
WHERE name = (your input);
To learn how to read this SQL query Try-it-Out

By typing in "d or 1=1" you are changing the query's WHERE clause to say "WHERE name = d or 1=1". The query then checks to make sure "1=1" is true for every row in the Users table and returns the row when it is. In this case 1=1 is always true, so the query returns every record in the table

Password Security
For this exercise, try entering in one of your passwords into the text box below. Don't worry we won't steal it. We are just going to test it to see if a hacker can easily guess it.




I've got nothing worth stealing, why should I care about my password strength? Most people think this and it isn't true! Hackers don't always care about taking your money. Sometimes what they want is your identity. If you have a weak password for any of the following things, you're making it easy to take your identity.
  • Bank account
  • School websites
  • Facebook, Twitter, Instagram, Snapchat
  • Email(especially this one)
If a hacker can get into any of those accounts they can pretend to be you. Now imagine what would happen if they broke into one of these accounts and stole your personal information. What would happen if the hacker decided to do something illegal using your identity(something they often use stolen identities for). How would you prove you didn't commit the crime?

BE AWARE! Most of the time people have their passwords/identity stolen whenever a large company is infiltrated by a hacker. So, pay close attention to the news. If a company you have an account with has been hacked into, you should change your passwords! Go ahead and google "data breaches this year" to see if any of the companies you have accounts with have been compromised. If they have, DONT PANIC just contact the organization and ask them how to protect yourself.