diff --git a/sheet03/a1/a.txt b/sheet03/a1/a.txt
new file mode 100644
index 0000000..e69de29
diff --git a/sheet03/a1/b.txt b/sheet03/a1/b.txt
new file mode 100644
index 0000000..e69de29
diff --git a/sheet03/a2/Auth.java b/sheet03/a2/Auth.java
new file mode 100644
index 0000000..6f3405e
--- /dev/null
+++ b/sheet03/a2/Auth.java
@@ -0,0 +1,71 @@
+import java.io.Console;
+import java.util.Map;
+import java.util.HexFormat;
+import java.util.stream.Collectors;
+import java.nio.file.Path;
+import java.nio.file.Files;
+import java.security.MessageDigest;
+
+public class Auth {
+    private static final byte[] INVALID_HASH = "----------------------------------------------------------------".getBytes();
+
+    public static void main(String[] args) {
+        try {
+            Map<String, byte[]> passwd = Files.readAllLines(Path.of("passwd"))
+                .stream()
+                .filter(line -> line.indexOf(":") > 1 && line.length() > 3)
+                .collect(Collectors.toMap(
+                    line -> line.substring(0, line.indexOf(':')),
+                    line -> HexFormat.of().parseHex(line.substring(line.indexOf(':') + 1))
+                ));
+
+            System.out.println("Chocolate Factory SCADA Command Line Interface v2.2.144");
+            System.out.println();
+            System.out.println("Please, enter your authentication credentials.");
+            System.out.println();
+
+            Console cons = System.console();
+
+            String username;
+            String password;
+
+            long timeout = 500;
+            while (true) {
+                username = cons.readLine("> Username: ");
+                password = new String(cons.readPassword("> Password: "));
+
+                MessageDigest digest = MessageDigest.getInstance("SHA-256");
+                byte[] encodedHash = digest.digest(password.getBytes());
+
+                // constant time comparison to prevent timing attacks
+                if (MessageDigest.isEqual(
+                    passwd.getOrDefault(username, INVALID_HASH),
+                    encodedHash
+                )) {
+                    System.out.println();
+                    System.out.printf("Welcome %s!%n", username);
+                    Thread.sleep(150);
+                    break;
+                } else {
+                    // exponential timeout to prevent brute force attacks
+                    System.out.println("Incorrect username and/or password.");
+                    Thread.sleep(timeout);
+                    timeout *= 2;
+                }
+            }
+
+            printSystemStatus();
+            printSecretRecipe();
+        } catch (Exception e) {
+            // ignore
+        }
+    }
+
+    private static void printSystemStatus() throws Exception {
+        // TOP SECRET
+    }
+
+    private static void printSecretRecipe() throws Exception {
+        // TOP SECRET
+    }
+}
diff --git a/sheet03/a2/a.txt b/sheet03/a2/a.txt
new file mode 100644
index 0000000..e69de29
diff --git a/sheet03/a2/b.txt b/sheet03/a2/b.txt
new file mode 100644
index 0000000..e69de29
diff --git a/sheet03/a2/c.txt b/sheet03/a2/c.txt
new file mode 100644
index 0000000..e69de29
diff --git a/sheet03/a2/passwd b/sheet03/a2/passwd
new file mode 100644
index 0000000..73fe9be
--- /dev/null
+++ b/sheet03/a2/passwd
@@ -0,0 +1,3 @@
+admin:240be518fabd2724ddb6f04eeb1da5967448d7e831c08c8fa822809f74c720a9
+alice:57a975ec110f89a7ca6a8c39aec856890b10488006106fb12c3a5fe063b1e7d5
+bob:2a3cc87f95b4363a1e6483d4659671361f86239735d31e8c4a9be893a2427c19