Digital Solutions 2025 Godot Textbook

This is an attempt to create a digital textbook based on the QCAA Digital Solutions 2025 Syllabus.

It will mainly focus on using Godot to explore the Interactive Media context.

Introduction

These are the main resources that will be used for this course:

image.png

Software List:

Unit 1: Creating With Code

Unit Objectives

  1. Recognise and describe programming features and useability principles.
  2. Symbolise and explain information, ideas and interrelationships related to digital problems.
  3. Analyse problems and information related to a selected technology context.
  4. Determine user experience and programming requirements, and success criteria of a digital problem.
  5. Synthesise information and ideas to develop possible prototype digital solutions.
  6. Generate user interface and programmed components of the prototype digital solution.
  7. Evaluate components and solutions against criteria to make refinements and justified recommendations, and evaluate impacts.
  8. Make decisions about and use mode-appropriate features, language and conventions for particular purposes and contexts.
Unit 1: Creating With Code

Topic 1: Understanding Digital Problems

image.png

Decomposition Example

image.png

Mind Map Example

image.png

Videos


Software

Resources

Videos

Resources

Impact goal Relevant parties Activities Impact indicators Impact risks Risk mitigation
Organisational comments
Describe the benefit that will be delivered Name of organisation(s), group(s) or individual(s) who will benefit from these impacts, who may be able to help us to deliver impacts or who are interested in these impacts for other reasons (see your 3i analysis) Identify activities that could enable these parties to get the benefits described in the impact goal, or enable them to deliver these benefits for others What would success look like, and how would you capture this for communication to others? Identify indicators that you could measure (either qualitatively or quantitatively) to demonstrate that your impact goal(s) have been achieved Identify risks that could prevent impacts from being achieved and/or that could lead to negative unintentional consequences Explain how the identified risks can be mitigated Who will be responsible for delivering the impact goal? Identify any other organisational needs e.g. funding, training or other resources that may needed, and proposed initial actions and timings
Articulate your goal as specifically as possible. This can include goals of other organisations whose impacts we want to help achieve Write the name(s) here Write the activities here List relevant indicators and means of measurement here List risks, explaining the nature and magnitude of each risk Provide risk mitigation narrative here List anything else necessary to achieve the impact here














Videos

Resources

Videos

Videos

Resources

Collect evidence from testing for objective criteria and user surveys for subjective criteria. The criteria should be stated at the start of the project.

Use this evidence to justify how well you have met the criteria then recommend how they could be improved.

Videos

Resources

Language Conventions

Checklist

Unit 1: Creating With Code

Topic 2: User Experiences and Interfaces

Videos

See resource: Useability & Visual Communication

Resources

See resource: Useability & Visual Communication

Resources

Videos

Software

Resources

Unit 1: Creating With Code

Topic 3: Algorithms and Programming Techniques

Videos:

Resources:

Videos:

Resources:

Unit 1: Creating With Code

Topic 4: Programmed Solutions

Resources:

Example Activities

Unit 1: Creating With Code

Formative Internal Assessment 1: Technical Proposal (25%)

Students generate non-coded low-fidelity prototypes that use an external data source in response to a real-world problem in the selected Unit 1 technology context. They communicate the technical feasibility of the solution through a multimodal presentation.

Assessment Objectives

1. Recognise and describe data sources, user-interface components and existing solutions.
2. Symbolise user interfaces and explain ideas and interrelationships between proposed data structures and user experiences.
3. Analyse the problem and information related to the selected technology context.
4. Determine data, programming and user experience requirements of the identified problem and success criteria.
5. Synthesise information and ideas to develop the possible solutions for data, user interface and algorithmic components.
6. Generate a low-fidelity non-coded prototype digital solution.
8. Make decisions about and use mode-appropriate features, language and conventions for written and spoken communication for a technical audience.

Instrument-specific Marking Guide

Additional Information

Example Tasks

Unit 1: Creating With Code

Formative Internal Assessment 2: Digital Solution (25%)

Students generate an innovative digital solution to a real-world problem in the selected Unit 1 technology context. Students document the application of the problem-solving process in response to a stimulus document supplied by the teacher.

Assessment Objectives

4. Determine success criteria for the identified real-world problem.
5. Synthesise information and ideas to develop the possible solutions for data, user interface and programmed components for a digital solution.
6. Generate user interfaces and programmed components of the digital solution.
7. Evaluate components and the digital solution against success criteria to make refinements and justified recommendations and evaluate impacts.
8. Make decisions about and use mode-appropriate features, written language and conventions for a technical audience.

Instrument-specific Marking Guide

  • modified IA2

Additional Information

  • Schools can decide what they want to do but are encouraged to let students experience assessments similar to IA1, IA2 & IA3 when completing the formative tasks. This assumes that FIA1, FIA2 and FIA3 will map as much as possible to the corresponding IAs but exclude information that hasn't been taught yet.

Example Tasks

  • Simple Game
  • Create FIA1

 

Unit 2: Application and Data Solutions

Unit Objectives

  1. Recognise and describe programming features, data and useability principles, and data management processes.
  2. Symbolise and explain information, ideas and data flow relationships within and between systems related to digital problems.
  3. Analyse problems and information related to the selected technology context.
  4. Determine solution requirements and success criteria of a digital problem.
  5. Synthesise information and ideas to develop possible digital solutions.
  6. Generate user interface and programmed components of the prototype digital solution.
  7. Evaluate components and solutions against criteria to make refinements and justified recommendations, and evaluate impacts.
  8. Make decisions about and use mode-appropriate features, language and conventions for particular purposes and contexts.
Unit 2: Application and Data Solutions

Topic 1: Data-driven problems and solution requirements

Videos

Videos

image.png

Decomposition Example

image.png

Mind Map Example

image.png

Videos

Resources

TBD

See resource: Useability & Visual Communication

GetImage.png

Videos

Videos

Videos

Resources

Videos

Resources

See resource: Useability & Visual Communication

Quizlet/Quizz/Booket - TBD

Language Conventions

Checklist

Unit 2: Application and Data Solutions

Topic 2: Data and Programming Techniques

Lots of this has already been covered in Unit 1 BUT now needs to be extended to include data as well which is covered in more detail below.

Videos

Software

Videos

Resources

Software

image.png

Examples

Level 0 DFD

Basically the same as a Context Diagram

image.png

Level 1 DFD

image.png

Videos

Software

Resources

Videos

Videos

Resources

Unit 2: Application and Data Solutions

Topic 3: Prototype Data Solutions

The theory for this unit has been covered in previous units. This unit mainly consolidates and combines previous concepts. Lots of practical activities but no new theory.

Unit 2: Application and Data Solutions

Formative Internal Assessment 3: Digital Solution (25%)

Students generate an innovative digital solution to a real-world problem with a focus on data security and impacts in any of the four technology contexts: web application, mobile application, interactive media or intelligent systems. Students document the application of the problem-solving process in response to a stimulus supplied by the teacher.

Assessment Objectives

4. Determine success criteria for the identified real-world problem.
5. Synthesise information and ideas to develop the possible solutions for data, user interface and programmed components for a secure digital solution.
6. Generate user interfaces and programmed components of the digital solution.
7. Evaluate components and the digital solution against success criteria to make refinements and justified recommendations and evaluate impacts.
8. Make decisions about and use mode-appropriate features, written language and conventions for a technical audience.

Instrument-specific Marking Guide

  • modified IA2 - expectations for security are lower.

Additional Information

  • Schools can decide what they want to do but are encouraged to let students experience assessments similar to IA1, IA2 & IA3 when completing the formative tasks. This assumes that FIA1, FIA2 and FIA3 will map as much as possible to the corresponding IAs but exclude information that hasn't been taught yet.

Example Tasks

  • High Score System
  • Login System
  • Login & Search
  • eSports/Sports Tournament System

Unit 3: Digital Innovation

Unit Objectives

  1. Recognise and describe programming features, digital system, interface components, and useability principles.
  2. Symbolise and explain programming information, ideas and interrelationships between data structures and user experiences.
  3. Analyse problems and information related to the selected technology context.
  4. Determine solution requirements, and success criteria of a digital problem.
  5. Synthesise information and ideas to develop possible solutions for data, user interface and programmed components.
  6. Generate user interfaces and programmed components of the prototype digital solution.
  7. Evaluate components and a solution against criteria to make refinements and justified recommendations, and evaluate impacts.
  8. Make decisions about and use mode-appropriate features, language and conventions for particular purposes and contexts.
Unit 3: Digital Innovation

Topic 1: Interactions Between Users, Data and Digital Systems

These are extensions of concepts covered previously.

Videos

Resources

Covered in Unit 2, Topic 2. Expand & consolidate.

Covered previously. Expand & consolidate.

Unit 3: Digital Innovation

Topic 2: Real-world Problems and Solution Requirements

Resources

Videos

Videos

Videos

TBD

Videos

Videos

Covered previously. Expand and consolidate.

Unit 3: Digital Innovation

Topic 3: Innovative Digital Solutions

Resources:

Videos

Resources

Videos

Unit 4: Digital Impacts

Unit Objectives

  1. Recognise and describe programming features, components of data exchange systems, privacy principles and data exchange processes.
  2. Symbolise and explain data structures and specifications, methods for exchanging data, and data-flow relationships within and between systems.
  3. Analyse problems and information related to digital systems.
  4. Determine solution requirements and success criteria.
  5. Synthesise information and ideas to develop possible components of digital solutions.
  6. Generate components of the digital solution.
  7. Evaluate components and solutions against success criteria to make refinements and justified recommendations, and evaluate impacts.
  8. Make decisions about and use mode-appropriate features, language and conventions for particular purposes and contexts.
Unit 4: Digital Impacts

Topic 1: Digital methods for exchanging data

Unit 4: Digital Impacts

Topic 2: Complex Digital Data Exchange Problems and Solution Requirements

Unit 4: Digital Impacts

Topic 3: Prototype Digital Data Exchanges

Assessment Guide

This is a guide to working through various assessments with examples.

Assessment Guide

Internal Assessments Compared

2025 Syllabus 

Component Size IA1 IA2 IA3
Format
Video (10 min) PDF(10 A4)+Video(2 min) PDF (10 A4)+Video(2 min)
1. Stimulus
Task

Task, Functional Requirements,

Additional Requirements, Personas, Data

Task, Functional Requirements,

Additional Requirements, Personas, Data
2. Mindmap 1 A4 X (encouraged) (encouraged)
3. Constraints & Limitations 0.25 A4 X
 
4. Success Criteria 0.5 A4 X X X
5. Introduction 0.25 A4 X X X
6. Existing Solution (Annotated) 1 A4 X
 

7. Data Source Analysis

0.25 A4

 X (encouraged) (encouraged)

8. Data Solution (ER Diagram, Data Dictionary, Sample)

2 A4

 X X X

9. User Interface (Annotated)

N/A

 X (encouraged) (encouraged)

10. Inter Interface (Data + SQL)

2 A4

 X (encouraged) (encouraged)

11. Security

0.5 A4

X

12. Usability Principles

N/A

 X X X

13. Pseudocode

1 A4

 X

14. Code

2 A4
X X

15. Final Product (Video)

N/A
X X

16. Prototype (Video)

N/A

 X X X

17. Testing, Feedback & Evaluation

3 A4
X X

18. Bibliography

N/A

 X X X

Total Length:



11? / 10 11.5? / 10

Old 2019 Syllabus 

Component IA1 IA2 IA3
Format Video (10 min) PDF (8-10 A3) +
Video (2-4 min) +
Code (4-6 A4)		 PDF (8-10 A3) +
Video (1-2 min) +
Code (2-4 A4)
1. Stimulus Task

Task, 

Interactions,

Component Specifications

Task, Interactions,

Component Specifications
2. Mind Map X X X
3. Constraints & Limitations X

4. Success Criteria X X X
5. Introduction X X X
6. Existing Solution (Annotated) X
 

7. Data Source Analysis

 X X X

8. Data Solution (ER Diagram, Data Dictionary, Sample)

 X X X

9. User Interface (Annotated)

 X X X

10. Inter Interface (Data + SQL)

 X X X

11. Security

X

12. Usability Principles

 X X X

13. Pseudocode

 X

14. Code
X X

15. Final Product
X X

16. Prototype (Video)

 X X X

17. Testing, Feedback & Evaluation

 X X X

18. Bibliography

 X X X
Assessment Guide

Password DB Example Task

(Reasonable task for IA1 & IA2. Not great for IA3)

For this task, you have been asked to create an application that stores passwords for various applications and websites in 6 weeks.

The initial version does not require data to be encrypted but some security concepts should be incorporated in the design or added in the future.

The application should be cross-platform and implement the following features:

Assessment Guide

Stimulus

All assignments will have a stimulus so that you know what to do.

The minimum will be a task sheet.

IA2 & IA3 will also provide the following:

Password DB Example - Mindmap (Draw.io)

Functional & non-functional requirements

Not provided for this example.

Personas
Person A Person B Person C

A teenager with a few passwords. He mainly wants to be able to store the passwords on his phone.

 

He doesn't want to forget the sites that he has accounts on.

A mother who has multiple accounts on sites for herself and her children. She has multiple usernames on the same site and often needs to store extra information about them as well.

 

She only ever looks up the information on her computer.

A retired person. They always forget their passwords and want anything to be as simple as possible. They want it to work offline.

 

They don't have many passwords.
Sample Data

The data will be provided in a CSV file.

Name Username Password URL Comments
Gmail apple@gmail.com 123abc https://www.gmail.com/
Hotmail bannanahotmail.com Password1 Hot Mail
NetFlix apple@gmail.com 123abc https://nextfix.com/

Assessment Guide

Explore Mind Maps

IA1:
image.png

image.png

IA1, IA2, IA3:

image.png

Key areas to look into:

Password DB Example - Mindmap (Draw.io)

Assessment Guide

Constraints and Limitations

IA1:
image.png

Here are the common constraints that projects might have:

There may also be other constraints or limitations stated in the task sheet. These are often related to which technology will be used as well as things to reduce the scope of the project.

Password DB Example - Constraints and Limitations

Assessment Guide

Success Criteria

IA1:
image.png

IA2 & IA3:

image.png
image.png

Prescribed Criteria

Self-Determined Criteria

These are now combined and don't need to be separated like they were in old examples you may have seen online.

It can be in a list but is often better in a table looking at the impact of the criteria.

Here is how the task links to the criteria:

Password DB Example - Success Criteria

Criteria Description Impact (Personal, Social, Economic)
SC1 A master password to access the application Personal: There is a chance the person might forget it but it is better than other people accessing all the stored passwords.
SC2 Ability to add new entries. This will need to use a database for storage.
SC3 Ability to update entries This will need to use a database for storage.
SC4 Ability to list active entries. This will get information from a database. Make sure that the data is sorted in a way that makes sense.
SC5 Ability to list archived entries. This will get information from a database. Make sure that the data is sorted in a way that makes sense.
SC6 Ability to view a single entry. The same page could be used to view information as well as edit/update information.
SC7 Automatically download and update favourite icons. Social: This will require internet access. If there is an icon then don't look for one again. If there isn't one then check but don't crash the application if internet isn't working.
SC8 Ability to generate/recommend a good password. It would be nice if we could generate a password that people could use based on a set of rules.
SC9 Ability to update the master password. Personal/Social: It will be more secure if we can update the password if someone finds it out.
SC10 Passwords should be hidden but have a show button to see them or a button to copy it without seeing it. Personal/Social: Other people might look at the computer. It would be good if it could be used in a public area.
SC11 Make sure that the application is learnable and has safety Social: The application should be easy to learn and use without crashing.
SC11 Make sure that the application has good alignment, hierarchy, contrast and proximity. Social: The application should look professional.
Assessment Guide

Introduction (Problem Description & Solution)

IA1, IA2 & IA3:
image.png

Take the task that has been set and reword it to introduce what this document is about.

It can also be used to talk about any concepts that you want to talk about to meet specific criteria from the task sheet. A good way to do this is to:

Here is the example task:

Password DB Example - Introduction

The problem is that people constantly forget their passwords or write them on paper or a text file on the desktop so that they don't forget them. This can become a problem as people have more passwords for different sites and sometimes different usernames for the same site.

 

The key users of this system being designed to solve this problem are retired people that want a simple system that works offline.

 

For the initial proof of concept, a database is going to be created with a simple user interface. To make the solution work on multiple platforms Godot has been chosen to create the user interface since it can be used rapidly create cross platform user interfaces and supports multiple SQL databases. This document will explore one way to create a "Password Database" application. It will look one way to design the user interface taking usability principles into consideration as well as exploring the algorithms and security concerns. It will evaluate how well the resulting application was compared to the initial criteria.

Assessment Guide

Existing Solution(s) Analysis

IA1:
image.png

image.png

When looking at existing solutions you are looking for a few different things:

Password DB Example - Existing Solution


Assessment Guide

Data Source Analysis

IA1:
image.png

For IA2 & IA3 data or a data source should have been provided.

File Format

When looking at the data you should try to understand the file format being used. It will probably be either CSV, JSON or XML. The data inside it will generally consist of text and numbers at least.

Do you need all the data or only part of it? Are there issues with the data that need to be resolved?

You should look at the provided file format and explain how you will use it and any issues that could be a problem.

Source/Reliability

You should evaluate the source of the data and how reliable it is. Do you trust it? Is it likely to be biased? Is it limited or incomplete?

Sample Data

Provide some sample data.

Password DB Example - Data Source Analysis

File Format

The file is a CSV file which means that the headings need to be ignored when being imported. Also, all the fields are text.

Source/Reliability

The data provided looks unreliable with one of the URLs not being formatted correctly. Validation should be used and it should be rejected as a URL. One of the usernames looks like it should be an email address but apart from providing a warning, it is possible to know what the format should be.

The passwords provided are also bad. It might be good to provide a generate or some kind of rating to encourage better passwords.

The dataset is also very small. If more data was collected then other people may want additional information that isn't shown in this data set.

Since the passwords are stored and we need to get them back we cannot use hashing. In the future it would be better to encrypt the entire database to make it more secure. SQLite does support encrypted database which might be a solution when encryption is added.

Sample Data
Name Username Password URL Comments
Gmail apple@gmail.com 123abc https://www.gmail.com/
Hotmail bannanahotmail.com Password1 Hot Mail
NetFlix apple@gmail.com 123abc https://nextfix.com/

Assessment Guide

Data Solution

IA1:
image.png
image.png

IA2:
image.png

IA3:
image.png

Data Flow Diagram

image.png

Conventions

When students develop data flow diagrams, they should:

Information comes from and goes to entities and data stores via processes, therefore entities 
may not: 

ER Diagram

There are two types of Entity Relationship Diagrams:

There are three tools that are useful for creating the ERD:

Data Dictionary

A data dictionary shows what data will be stored in a table. What goes into a table varies depending on the individual but the required data is:

Other common information is:

Sample Data

This is a table that shows what kind of data will be stored in the table. It is really useful when talking about the data. The data itself does not need to be real but similar to what might be in the system.

Example SQL

For more complex systems it might be a good idea to list the common queries that will be used by the system so you can talk about them.

Password DB Example - Data Solution

Data Flow Diagram
ER Diagram

The database only needs a single table. At the moment the name of the site is considered to be unique and the primary key. If the user wants to have 2 different accounts at the same site they can use a slightly different name (gmail1, gmail2). Active is a hidden field that the user will never be able to see and will only interact with indirectly (1 for active and 0 for archive).

Data Dictionary

Passwords:

Field Name Type Length Primary Key Required Validation Rules
Name Text 3-20 Yes Yes
Username Text 5-20
Yes
Password Text 3-50
Yes
URL Text 0-200

Must be HTTP[s]://
Comment Text 500


Icon Blob



Active bool

Yes
Sample Data

Passwords

Name Username Password URL Comment Icon Active
Gmail apple@gmail.com 123abc https://www.gmail.com/

image.png

 True
Hotmail bannana@hotmail.com Password1 https://hotmail.com/

image.png

 True
NetFlix apple@gmail.com 123abc https://nextfix.com/

image.png

 False
Example SQL

There is a problem with the database created. Have a look at the evaluation for the mistake.

Assessment Guide

User Interface Design

IA1:
image.png

IA2:
image.png

IA3:
image.png

Site Map / Overview

If the project is large then it is a good idea to provide a basic overview. This isn't needed for smaller projects.

WireFrame / Mockup

Generally, it is a good idea to provide an initial design of the project. This should be very limited since it is just meant to get ideas across. Don't spend a lot of time making it look good. Spend that time talking about your ideas.

Unless you invest time to learn a specific program it will be faster to use paper.

There are lots of different options but the ones below are made in Draw.io using the Mockups shapes under the Software Tab with the Sketch option checked.

Annotation

The most important thing is to explain why you are doing things with the User Interface. This will generally be linked to one of the following:

Review the Resource: Useability & Visual Communication

Password DB Example - User Interface Design

Notice that SC8 is missing from the UI Design. Labelling all the success criteria makes it easier to notice if something was missed. If it is missed from the design phase it will probably be missed from the final product as well.

Assessment Guide

User Interface + Data & SQL

IA1:
image.png
image.png

IA2:
image.png

IA3:

image.png

Password DB Example - User Interface + Data & SQL

SQL

LOGIN:
SELECT *

FROM Passwords
WHERE Username = ?
AND Password = ?

The Login button will check if the user exists in the system and then go to the Account List page.

SQL

 

SELECT *

FROM Passwords

WHERE Active = 1

ORDER BY Name

 

SELECT *

FROM Passwords

WHERE Active = 0

ORDER BY Name

 

UPDATE Passwords

SET Active = 1

WHERE Name = ?

 

You can change from Active to Archive. This will change the data in the table. Active has a button that will let you edit a single account on the edit page.

Archive will let you restore the account.

SQL

 

SELECT *

FROM Passwords

WHERE Name = ?

 

UPDATE Passwords

SET Active = 0

WHERE Name = ?

 

INSERT INTO Password (Name, Username, Password, URL, Comment, Active)

VALUES (?, ?, ?, ?, ?, 1)

 

Validation:

  • Make sure the name, username and password are the correct lengths
  • The URL should be checked to make sure it is a URL

 

The Save button will save the account.

Archive will edit the account.

Cancel will go back to the List Page.

Notice that SC8 is missing from the UI Design. Labelling all the success criteria makes it easier to notice if something was missed. If it is missed from the design phase it will probably be missed from the final product as well.

Assessment Guide

Security

IA3:
image.png

Some ways to do this are:

Password DB Example - Security

Due to the nature of this project, it will not be possible to hash the passwords since they need to be displayed. This means that the only way to make the database secure would be to encrypt the entire database. Unfortunately, this is outside the scope of the current project which means that the data is not secure. Normally to improve the security passwords should be stored only after they have had salt added and then been hashed using an algorithm like MD5. The salt stops rainbow tables from working (Hill, 2021) and the MD5 algorithm is a one-way algorithm which means that hackers can only brute force the password.

 

That being said other security can be implemented in the system. The password can be changed, and it hasn't been hard coded. this allows users to update the password if it has been compromised. The password is hidden by default which prevents other people nearby from seeing your password. The database has been normalised which should reduce data anomalies from corrupting the database.

 

Since limited information is stored and it is only stored on the user's device there are no privacy laws to be concerned with. The risks are that someone will open up the database in another program and can then access all the passwords stored in the system.
Assessment Guide

Usability Principles

IA1:
image.pngimage.png

Talk about some Usability Principles used. See resource Useability & Visual Communication.

This will generally be done on the same page as the User Interface Design.

Password DB Example - Usability

See User Interface Design.

Assessment Guide

Pseudocode

IA1:image.pngimage.pngimage.png

IA2 & IA3:image.png

Official guidance from the syllabus:

Pseudocode does not have a standard format and varies between programmers; however, algorithms must be able to be understood by anyone independent of a particular programming language. When students use pseudocode, they should: 

The following pseudocode demonstrates examples of assignment (DECLARE), sequence, condition (IF), selection (THEN), iteration (WHILE), modularisation (FUNCTION, CALL), indentation and two variations of case (UserLogin, userName) for a user authentication 
process:

image.png

Password DB Example - Pseudocode

Login
BEGIN
  DECLARE password, valid
  valid = False
  WHILE valid == False
    INPUT "Please enter the password:" -> password
    valid = CheckPassword(password)
  END WHILE
END

FUNCTION CheckPassword(password) AS BOOLEAN:
  DECLARE result, DB
  DB.connect()
  result = DB.query("SELECT * FROM Passwords
                     WHERE username = '_master' AND password = ?", [password])
  DB.disconnect()
  RETURN length(result) == 1
END FUNCTION

4-7: Keep asking the user for a password if it is wrong.

 

10: Create a function to make the code more modular.

 

12-15: Connect to the database and see if the password is in the database.

 

16: If a record is returned from the database, then it means that the correct password was entered so true is returned.
List Password
BEGIN
  DECLARE passwords
  
  ClearExistingData()

  FOR heading in ["Icon", "Name", "Username", "Action"]
    AddHeading(heading)
  NEXT heading

  passwords = GetPasswords()
  FOR row in passwords
    AddData(row['icon'], row['name'], row['username'], row['action'])
  NEXT row
END

FUNCTION GetPasswords() AS ARRAY:
  DECLARE result, DB
  DB.connect()
  result = DB.query("SELECT * FROM Passwords ORDER BY name")
  DB.disconnect()
  RETURN result
END FUNCTION

4: This is a method that will clear all old passwords information from the UI.

 

6-8: Add new headings.

 

10: get the data from the database.

 

11-14:  Add the information to the UI.

 

16: Function to make the core easier to maintain. 

 

18-21: connect to the database and get the information from the database about users.
Update Password
BEGIN
  DECLARE password
  DECLARE valid = false
  WHILE valid == false
    INPUT "Please enter the password:" -> password
    IF password != "" THEN
      valid = true
    END IF
  END WHILE
  UpdatePassword(password)
END

FUNCTION UpdatePassword(password):
  DECLARE DB
  DB.connect()
  result = DB.query("UPDATE Passwords SET password = ?
                     WHERE username = '_master'", [password])
  DB.disconnect()
END FUNCTION

3-9: Make sure that the data has been validated.

 

13: Function to make the core easier to maintain. 

 

15-18: connect to the database and update the data.

Assessment Guide

Code

image.png

TBD

Password DB Example - Code

  

 

 
Assessment Guide

Final Product

IA2 & IA3:
image.png

Generally, this will be demonstrated using a 2-minute video of the product working.

If you want to watch me live code this project have a look at this video:

Password DB Example - Final Product

Notice that since SC8 was missing from the design I forgot to make it in the final product.

Assessment Guide

Prototype (Low Fidelity)

IA1:image.png

Generally, this will be demonstrated as part of the 10-minute video.

Password DB Example - Prototype (Low Fidelity)

TBD

Assessment Guide

Testing, Feedback & Evaluation

IA2 & IA3:
image.png

Testing

Every Criteria that can be tested, should be tested at least once. For some criteria, they should be tested even more.

At a minimum, every criterion should be tested for normal data. This is data that the program expects. For most buttons this is the only test possible.

In addition to this anything that involves data input should also try to test invalid data even if it isn't possible:

For a comprehensive test, you also want to test boundary data on both sides.

It will be easier in the evaluation if you number the testing.

User Feedback

Some criteria cannot be tested. To prove that these criteria were successful you need to find the opinion of users. User feedback is a useful way to collect information that can be used in the evaluation.

Make sure you ask questions about each criterion that cannot be proven. Also ask question that will encourage feedback that you can use in the evaluation.

It will be easier in the evaluation if you number the feedback.

Evaluation

Copy the criteria table from the Criteria Section and add columns for Evaluation and Recommendations.

If you have selected good criteria that are comprehensive then this should be enough. If you have not selected good criteria then you will also want to evaluate:

All of the criteria should have been either tested or been part of user feedback. Each evaluation should reference the testing or user feedback.

Password DB Example - Testing, Feedback & Evaluation

Testing
Test# Criteria Action/Input Expected Outcome Actual Outcome Errors/resolution
1 SC1 Enter the correct master password The scene should change to the list of accounts. The scene changed to the list of accounts. The first time the code was run the database was not connected correctly. The code had to be updated.
2 SC1 Enter the wrong master password The password should be cleared. The password is not cleared. The password should be cleared if the password is wrong.
3 SC2 Type in valid information to add a new account and click save. The data should be added to the database. The data is added to the database.
4 SC2 Type in data that is not valid and click save to add a new account. An error should be displayed, and nothing should be saved to the database. An error is displayed. Initially the error was poorly formatted. Added new lines and improved the formatting.
5 SC3 Edit an existing account and click save. The data should be updated in the database.

The data is updated in the database.

 

There is an issue if the name field is changed. It creates a new record.

 The database needs to be changed so that the name field is not the primary key so that the name can be updated and it doesn't create a new entry. 
6 SC4 Login and go to the list of account and select active. List the active accounts from the database. List the active accounts from the database.
7 SC5 Login and go to the list of account and select Archive. List the archived accounts from the database. List the archived accounts from the database. Initially dropdown box did not trigger changing the list of accounts. Fixed.
8 SC6 Click on edit next to an active account in the list of active accounts. The information about the account should be shown. The information about the account is shown.
9 SC7 Enter a valid URL then click save on an account. The fav icon should be automatically downloaded from the internet and displayed. No icon is shown. Godot does not support the icon file format. Find an online service that can convert from ico to png and used it to convert the file.
10 SC8 Click generate on the account edit page. A good password should be displayed in the password field. No button created to click on. The button needs to be created and then generate a random password.
11 SC9 Click update master password then enter a new password and click save. The password in the database should be updated. The password in the database is updated. Updated the login page so that it could be recused.
12 SC10 Load the edit account page then click the show button. The password should be hidden with * at first then revealed.  The password is hidden with * at first then revealed.  The button was not correctly linked so it did not work at first.

User Feedback

Tester Q1. What one thing did you like about the application the most? Q2. What one thing did you find annoying about the application the most? Q3. How easy was it to learn to use the application hard [1-5] easy? Q4. Try to make the application crash. If you were able to break the application please list what you were able to break. Q5. How would you rate the alignment and hierarchy of the application bad [1-5] good? Q6. How would you rate the contrast and proximity of the application bad [1-5] good?
Kat The application was simple. The application looked really boring. 5 I could not make it crash. 5 3
Elly The fact that I could not delete an account only archive it. It didn't have icons. I thought you said it would have the icons of the site. 4 No crash. 5 4
Sandra Simple I wanted to create 2 accounts for the same site but it saved over the existing account. This is a big problem. 4 All good 5 3
Evaluation
Criteria Evaluation Recommendation
SC1 There is a master password and it can be updated. See test 1, 2 & 11. This criteria has been passed successfully. The security on the database needs to be improved. It would be good if this password was used to enrypt the database in the future.
SC2 As you can see in tests 3 & 4 this criteria has been completed successfully. It would be nice if more information could be stored and more validation for the fields.
SC3 As you can see in tests 5 this criteria has been partially completed. Unfortunately to fix the bug the entire database needs to be changed. When designing the database I made the name the primary key which was wrong since people may want to change the name. Add a new primary key to the database that isn't the name. I would probably use an automatically incrementing integer that isn't visible to users. This would make it so that the name field could be easily updated.
SC4 As you can see in test 6 this criteria has been completed successfully. Make is so that you can sort the data.
SC5 As you can see in test 7 this criteria has been completed successfully.
SC6 As you can see in test 8 this criteria has been completed successfully.
SC7 As you can see in test 9 this criteria failed. Godot can download the images but Godot cannot show icon files so this criteria was never possible. More research should have been done at the start of the project to avoid this mistake. Use an online service to convert ico files to png. I am sure this is possible but it is beyond the scope of this current project.
SC8 As you can see in test 10 this criteria failed. I forgot to design this feature and build it. A button should be added that will generate random password.
SC9 As you can see in test 11 this criteria has been completed successfully.  
SC10 As you can see in test 11 this criteria has been completed successfully.  
SC11 The application is easy to use and impossible to crash (see feedback, Q3 & Q4). The only major issue is when the name is updated for an existing record. See SC3. That being said at the moment while it works it would be nice if it looked better and was more reactive to the screen size changing. Make the application look better so that it is more pleasing to the eye.
SC11 The application has done well meeting this criteria. (see feedback, Q5 & Q6) Additional feedback should be collected to find out how to improve the contrast and proximity.
Assessment Guide

Bibliography

IA1, IA2 & IA3:
image.png

Use APA which is built into Office & Google Docs.

TBD

Password DB Example - Bibliography

TBD

 

https://www.csoonline.com/article/570931/rainbow-tables-explained-how-they-work-and-why-theyre-mostly-obsolete.html

 

Assessment Guide

Password DB Example (Combined)

Introduction

The problem is that people constantly forget their passwords or write them on paper or a text file on the desktop so that they don't forget them. This can become a problem as people have more passwords for different sites and sometimes different usernames for the same site.

 

The key users of this system being designed to solve this problem are retired people that want a simple system that works offline.

 

For the initial proof of concept, a database is going to be created with a simple user interface. To make the solution work on multiple platforms Godot has been chosen to create the user interface since it can be used rapidly create cross platform user interfaces and supports multiple SQL databases. This document will explore one way to create a "Password Database" application. It will look one way to design the user interface taking usability principles into consideration as well as exploring the algorithms and security concerns. It will evaluate how well the resulting application was compared to the initial criteria.

Mind Map

Constraints and Limitations

Success Criteria

Criteria Description Impact (Personal, Social, Economic)
SC1 A master password to access the application Personal: There is a chance the person might forget it but it is better than other people accessing all the stored passwords.
SC2 Ability to add new entries. This will need to use a database for storage.
SC3 Ability to update entries This will need to use a database for storage.
SC4 Ability to list active entries. This will get information from a database. Make sure that the data is sorted in a way that makes sense.
SC5 Ability to list archived entries. This will get information from a database. Make sure that the data is sorted in a way that makes sense.
SC6 Ability to view a single entry. The same page could be used to view information as well as edit/update information.
SC7 Automatically download and update favourite icons. Social: This will require internet access. If there is an icon then don't look for one again. If there isn't one then check but don't crash the application if internet isn't working.
SC8 Ability to generate/recommend a good password. It would be nice if we could generate a password that people could use based on a set of rules.
SC9 Ability to update the master password. Personal/Social: It will be more secure if we can update the password if someone finds it out.
SC10 Passwords should be hidden but have a show button to see them or a button to copy it without seeing it. Personal/Social: Other people might look at the computer. It would be good if it could be used in a public area.
SC11 Make sure that the application is learnable and has safety Social: The application should be easy to learn and use without crashing.
SC11 Make sure that the application has good alignment, hierarchy, contrast and proximity. Social: The application should look professional.

Existing Solution(s) Analysis

Data Source Analysis

File Format

The file is a CSV file which means that the headings need to be ignored when being imported. Also, all the fields are text.

Source/Reliability

The data provided looks unreliable with one of the URLs not being formatted correctly. Validation should be used and it should be rejected as a URL. One of the usernames looks like it should be an email address but apart from providing a warning, it is possible to know what the format should be.

The passwords provided are also bad. It might be good to provide a generate or some kind of rating to encourage better passwords.

The dataset is also very small. If more data was collected then other people may want additional information that isn't shown in this data set.

Since the passwords are stored and we need to get them back we cannot use hashing. In the future it would be better to encrypt the entire database to make it more secure. SQLite does support encrypted database which might be a solution when encryption is added.

Sample Data
Name Username Password URL Comments
Gmail apple@gmail.com 123abc https://www.gmail.com/
Hotmail bannanahotmail.com Password1 Hot Mail
NetFlix apple@gmail.com 123abc https://nextfix.com/

Data Solution

Data Flow Diagram

ER Diagram

The database only needs a single table. At the moment the name of the site is considered to be unique and the primary key. If the user wants to have 2 different accounts at the same site they can use a slightly different name (gmail1, gmail2). Active is a hidden field that the user will never be able to see and will only interact with indirectly (1 for active and 0 for archive).

Data Dictionary

Passwords:

Field Name Type Length Primary Key Required Validation Rules
Name Text 3-20 Yes Yes
Username Text 5-20
Yes
Password Text 3-50
Yes
URL Text 0-200

Must be HTTP[s]://
Comment Text 500


Icon Blob



Active bool

Yes
Sample Data

Passwords

Name Username Password URL Comment Icon Active
Gmail apple@gmail.com 123abc https://www.gmail.com/

image.png

 True
Hotmail bannana@hotmail.com Password1 https://hotmail.com/

image.png

 True
NetFlix apple@gmail.com 123abc https://nextfix.com/

image.png

 False
Example SQL

There is a problem with the database created. Have a look at the evaluation for the mistake.

User Interface + Data & SQL

SQL

LOGIN:
SELECT *

FROM Passwords
WHERE Username = ?
AND Password = ?

The Login button will check if the user exists in the system and then go to the Account List page.

SQL

 

SELECT *

FROM Passwords

WHERE Active = 1

ORDER BY Name

 

SELECT *

FROM Passwords

WHERE Active = 0

ORDER BY Name

 

UPDATE Passwords

SET Active = 1

WHERE Name = ?

 

You can change from Active to Archive. This will change the data in the table. Active has a button that will let you edit a single account on the edit page.

Archive will let you restore the account.

SQL

 

SELECT *

FROM Passwords

WHERE Name = ?

 

UPDATE Passwords

SET Active = 0

WHERE Name = ?

 

INSERT INTO Password (Name, Username, Password, URL, Comment, Active)

VALUES (?, ?, ?, ?, ?, 1)

 

Validation:

  • Make sure the name, username and password are the correct lengths
  • The URL should be checked to make sure it is a URL

 

The Save button will save the account.

Archive will edit the account.

Cancel will go back to the List Page.

Notice that SC8 is missing from the UI Design. Labelling all the success criteria makes it easier to notice if something was missed. If it is missed from the design phase it will probably be missed from the final product as well.

Pseudocode

Login
BEGIN
  DECLARE password, valid
  valid = False
  WHILE valid == False
    INPUT "Please enter the password:" -> password
    valid = CheckPassword(password)
  END WHILE
END

FUNCTION CheckPassword(password) AS BOOLEAN:
  DECLARE result, DB
  DB.connect()
  result = DB.query("SELECT * FROM Passwords
                     WHERE username = '_master' AND password = ?", [password])
  DB.disconnect()
  RETURN length(result) == 1
END FUNCTION

4-7: Keep asking the user for a password if it is wrong.

 

10: Create a function to make the code more modular.

 

12-15: Connect to the database and see if the password is in the database.

 

16: If a record is returned from the database, then it means that the correct password was entered so true is returned.
List Password
BEGIN
  DECLARE passwords
  
  ClearExistingData()

  FOR heading in ["Icon", "Name", "Username", "Action"]
    AddHeading(heading)
  NEXT heading

  passwords = GetPasswords()
  FOR row in passwords
    AddData(row['icon'], row['name'], row['username'], row['action'])
  NEXT row
END

FUNCTION GetPasswords() AS ARRAY:
  DECLARE result, DB
  DB.connect()
  result = DB.query("SELECT * FROM Passwords ORDER BY name")
  DB.disconnect()
  RETURN result
END FUNCTION

4: This is a method that will clear all old passwords information from the UI.

 

6-8: Add new headings.

 

10: get the data from the database.

 

11-14:  Add the information to the UI.

 

16: Function to make the core easier to maintain. 

 

18-21: connect to the database and get the information from the database about users.
Update Password
BEGIN
  DECLARE password
  DECLARE valid = false
  WHILE valid == false
    INPUT "Please enter the password:" -> password
    IF password != "" THEN
      valid = true
    END IF
  END WHILE
  UpdatePassword(password)
END

FUNCTION UpdatePassword(password):
  DECLARE DB
  DB.connect()
  result = DB.query("UPDATE Passwords SET password = ?
                     WHERE username = '_master'", [password])
  DB.disconnect()
END FUNCTION

3-9: Make sure that the data has been validated.

 

13: Function to make the core easier to maintain. 

 

15-18: connect to the database and update the data.

Security

Due to the nature of this project, it will not be possible to hash the passwords since they need to be displayed. This means that the only way to make the database secure would be to encrypt the entire database. Unfortunately, this is outside the scope of the current project which means that the data is not secure. Normally to improve the security passwords should be stored only after they have had salt added and then been hashed using an algorithm like MD5. The salt stops rainbow tables from working (Hill, 2021) and the MD5 algorithm is a one-way algorithm which means that hackers can only brute force the password.

 

That being said other security can be implemented in the system. The password can be changed, and it hasn't been hard coded. this allows users to update the password if it has been compromised. The password is hidden by default which prevents other people nearby from seeing your password. The database has been normalised which should reduce data anomalies from corrupting the database.

 

Since limited information is stored and it is only stored on the user's device there are no privacy laws to be concerned with. The risks are that someone will open up the database in another program and can then access all the passwords stored in the system.

Code

  

 

 

Final Product

Evaluation

Testing
Test# Criteria Action/Input Expected Outcome Actual Outcome Errors/resolution
1 SC1 Enter the correct master password The scene should change to the list of accounts. The scene changed to the list of accounts. The first time the code was run the database was not connected correctly. The code had to be updated.
2 SC1 Enter the wrong master password The password should be cleared. The password is not cleared. The password should be cleared if the password is wrong.
3 SC2 Type in valid information to add a new account and click save. The data should be added to the database. The data is added to the database.
4 SC2 Type in data that is not valid and click save to add a new account. An error should be displayed, and nothing should be saved to the database. An error is displayed. Initially the error was poorly formatted. Added new lines and improved the formatting.
5 SC3 Edit an existing account and click save. The data should be updated in the database.

The data is updated in the database.

 

There is an issue if the name field is changed. It creates a new record.

 The database needs to be changed so that the name field is not the primary key so that the name can be updated and it doesn't create a new entry. 
6 SC4 Login and go to the list of account and select active. List the active accounts from the database. List the active accounts from the database.
7 SC5 Login and go to the list of account and select Archive. List the archived accounts from the database. List the archived accounts from the database. Initially dropdown box did not trigger changing the list of accounts. Fixed.
8 SC6 Click on edit next to an active account in the list of active accounts. The information about the account should be shown. The information about the account is shown.
9 SC7 Enter a valid URL then click save on an account. The fav icon should be automatically downloaded from the internet and displayed. No icon is shown. Godot does not support the icon file format. Find an online service that can convert from ico to png and used it to convert the file.
10 SC8 Click generate on the account edit page. A good password should be displayed in the password field. No button created to click on. The button needs to be created and then generate a random password.
11 SC9 Click update master password then enter a new password and click save. The password in the database should be updated. The password in the database is updated. Updated the login page so that it could be recused.
12 SC10 Load the edit account page then click the show button. The password should be hidden with * at first then revealed.  The password is hidden with * at first then revealed.  The button was not correctly linked so it did not work at first.
User Feedback
Tester Q1. What one thing did you like about the application the most? Q2. What one thing did you find annoying about the application the most? Q3. How easy was it to learn to use the application hard [1-5] easy? Q4. Try to make the application crash. If you were able to break the application please list what you were able to break. Q5. How would you rate the alignment and hierarchy of the application bad [1-5] good? Q6. How would you rate the contrast and proximity of the application bad [1-5] good?
Kat The application was simple. The application looked really boring. 5 I could not make it crash. 5 3
Elly The fact that I could not delete an account only archive it. It didn't have icons. I thought you said it would have the icons of the site. 4 No crash. 5 4
Sandra Simple I wanted to create 2 accounts for the same site but it saved over the existing account. This is a big problem. 4 All good 5 3
Evaluation
Criteria Evaluation Recommendation
SC1 There is a master password and it can be updated. See test 1, 2 & 11. This criteria has been passed successfully. The security on the database needs to be improved. It would be good if this password was used to enrypt the database in the future.
SC2 As you can see in tests 3 & 4 this criteria has been completed successfully. It would be nice if more information could be stored and more validation for the fields.
SC3 As you can see in tests 5 this criteria has been partially completed. Unfortunately to fix the bug the entire database needs to be changed. When designing the database I made the name the primary key which was wrong since people may want to change the name. Add a new primary key to the database that isn't the name. I would probably use an automatically incrementing integer that isn't visible to users. This would make it so that the name field could be easily updated.
SC4 As you can see in test 6 this criteria has been completed successfully. Make is so that you can sort the data.
SC5 As you can see in test 7 this criteria has been completed successfully.
SC6 As you can see in test 8 this criteria has been completed successfully.
SC7 As you can see in test 9 this criteria failed. Godot can download the images but Godot cannot show icon files so this criteria was never possible. More research should have been done at the start of the project to avoid this mistake. Use an online service to convert ico files to png. I am sure this is possible but it is beyond the scope of this current project.
SC8 As you can see in test 10 this criteria failed. I forgot to design this feature and build it. A button should be added that will generate random password.
SC9 As you can see in test 11 this criteria has been completed successfully.  
SC10 As you can see in test 11 this criteria has been completed successfully.  
SC11 The application is easy to use and impossible to crash (see feedback, Q3 & Q4). The only major issue is when the name is updated for an existing record. See SC3. That being said at the moment while it works it would be nice if it looked better and was more reactive to the screen size changing. Make the application look better so that it is more pleasing to the eye.
SC11 The application has done well meeting this criteria. (see feedback, Q5 & Q6) Additional feedback should be collected to find out how to improve the contrast and proximity.

Bibliography

TBD

 

https://www.csoonline.com/article/570931/rainbow-tables-explained-how-they-work-and-why-theyre-mostly-obsolete.html

Resources

Resources

Useability & Visual Communication

Useability Principle

Useability Principle Definition What you could look for
accessibility ability to be used by many different people, even people with disabilities
  • responsive design - able to be used on mobile, tablet and desktop
  • compatible with speech readers and scaling fonts for visual difficulties
  • uses ARIA parameters for assistive technologies
  • use HTML5 semantic tags to categorise content for quicker access
  • compatibility tested across browsers Chrome, Edge, Safari. (Consider older versions)
learnability how easy a system is to learn
  • Minimal clutter, consistent and familiar layout (Design principles)
  • Iconography
  • Tutorials
  • Tooltips
  • Help features
safety ability for users to make errors and recover from the mistake - don't confuse safety with security
  • 404 pages (good error recovery pages)
  • Error feedback on page
  • AFK timeouts (… security)
  • Checking of fields before submitting an answer (client-side validation)
  • Limiting input options
utility ability of the system to provide all the functionality that users need CAN IT DO PRESCRIBED FUNCTIONALITY?
  1. E.g.: generate a cipher problem
  2. E.g.: CAN THE WEB APPLICATION SEARCH FOR USERS?
effectiveness ability of users to use the system to do the work they need to do, includes reliability HOW WELL CAN IT DO IT?
  1. E.g.: the cipher problem is random so that it's a new problem every time
  2. E.g.: CAN THE WEB APPLICATION FILTER SEARCH RESULTS

Elements of Visual Communication

Design Element Definition
Space Used to support meaning or zone groups of data (i.e. space between elements). Used consistently to develop predictability
Point Smallest element of visual communication, can be a dot but not necessarily circular
Colour Choice of colour matters. Be consistent throughout application, and make sure colours chosen are compatible with each other (perhaps use a colour wheel)
Tone Tone is light or dark variation of any colour
Line A line can be a starting place, a marker or trigger to change
Shape Shapes can use lines (straight or curved) to develop two-dimensional zoning and the implied boundary of an object. Shapes are good for conveying structure around data. The simplest form of shapes with data is a table. Shapes could also be a circular icon to centre a user to a record button on a phone
Texture Texture refers to the tactile or inferred visual features of an object
Form Can give depth
Proportion and scale Ratio and size. Look for the "Golden Ratio". In mathematics, two quantities are in the golden ratio if their ratio is the same as the ratio of their sum to the larger of the two quantities

Principles of Visual Communication

Design Principle Definition
Balance Arrangement of components of a visual communication in relation to a real or implied central axis / equilibrium / symmetry
Contrast Contrast refers to opposing aesthetic qualities (i.e., what you see when you compare things that are different) and can be used for to create emphasis or focal point
Proximity Where elements are positioned or grouped in relation to each other, perhaps 'clumping' elements near each other that have a perceived relationship (or avoiding those that don't)
Harmony Interpreting the proximity to make sure components as a whole provide valuable meaning and are complementary across the interface. For example, sometimes it is better to split datasets across screens for example to avoid confusion
Alignment Elements should 'line up', commonly used in HTML sign up forms
Repetition Repeated elements (such as page constructs, sections or product layouts) which helps predictability
Hierarchy Hierarchy refers to the 'reading order' of a design