Brute-Force and Escape Games


This does not mean breaking shit.

In the context of an escape game, this usually means the act of plugging numbers into a lock until it pops. This is not usually elegant.

Common use in Escape Games

You’ve figured out three numbers in a four digit combo, then spin the final disk a few times until you hear a click.

The reason this trick works is because some games have players derive individual numbers one at a time.

Lock Brute Force Room Escape Artist

When doesn’t this work?

It works really well when you know all but one digit of a combo because there are only 10 options remaining (assuming that you have a typical number lock).

Depending upon the lock and your ability to manipulate it, brute-force can work with two numbers remaining because there are only 100 possible pairings. It’s not necessarily fun to do, but in a pickle, it will get the job done.

Once you get past two digits, you’re looking at different degrees of why bother?

3 digits = 1,000 number sets

4 digits = 10,000 number sets

5 digits = 100,000 number sets

6 digits = 1,000,000 number sets

The thing about brute-force is that if you have enough time, it always works… But it isn’t fun and you have less than 60 minutes in an escape game.

No brute-force policies

Some companies forbid brute-force of any kind. This is a sign that at least one puzzle in their game is intellectually fragile. They do not believe that their game is tough enough to allow players the freedom to improvise.

No brute-force policies are bad. They are tantamount to saying, “welcome to our game, now turn off your imagination.”

If game designers don’t want brute-force, then they should avoid triple digit locks, and puzzles that make you piece combos together one digit at a time. It’s immanently doable.

We’ve seen some very interesting counter brute-force strategies from smart companies.

I’m not keen on being babysat by a game-master. Take my money, put me in a sturdy, challenging, and fun room, then let me loose to solve the puzzles. Don’t fuss about how I do it.

For more tips

Brute-force is one escape room tactic. For more tips, check out our Player Tips section.

9 thoughts on “Brute-Force and Escape Games

  1. I completely agree. As long as the players don’t bring in any tools, all creativity with in game objects should be legal.

    We had some folks play who were part of a lockpicking club and they were able to open some of our combo locks by hearing clicks as they spun the dials.
    I found that perfectly acceptable, and they actually lost. If they had found a paper clip or something In game that allowed them to open locks I would have felt the same.
    It is up to designers to nerf the game so players feel like anything is possible.
    If you plunk your cash down, you are now the star of a heist film, and within clear guidelines you should feel free to make bold choices and play hard.

    Liked by 2 people

  2. I really don’t like the term “brute force” for this kind of activity. As an escape room designer and operator, the use of actual brute force is a nightmare, and is used by jerks unable to really play the game.
    Why can’t we refer to this as a kind of “hacking”? As in “I got 3 of the numbers, and I hacked the last one.” Is there a precedent for referring to this practice as brute force?

    Aside from the semantic critique, as a game designer we have a couple 2 number locks in our rooms that just asking to be hacked, and doing so doesn’t interfere with game play. BUT if players decide to hack a more complex lock, there’s a good chance they will be disoriented since they haven’t followed the path, and can no longer determine what is a relevant clue, or if they have all the pieces to it.
    Just my 2 cents. Great blog!

    Liked by 1 person

    1. “Brute-force” really is the correct term (which is why we opened the post explaining that we don’t condone breaking things); the term is from cryptography and has a long and distinguished hisory.

      The word “hacker,” while not totally inappropriate has a broad and fuzzy definition. From my perspective, an escape room experience is a giant hack on the part of the players. Brute-force is a tool that can be used as part of that hack.

      As far as puzzle circumvention resulting in player confusion is concerned, I think that it is a risk, but it’s a risk born of the players’ decision. It’s better to have a player make a decision that results in them losing, then it is to limit their decision-making options and have them leave feeling like the rules prevented them from playing the game the way they wanted to.


  3. Interesting tactic – didn’t realise until now but it makes complete sense to try out all the combinations if you’re missing out on the last digit on a combination lock.

    Next time I run into a combination lock, I’m going to remember this.


    Liked by 1 person

  4. P.S. I was thinking of this post last week when I had to brute-force my own 3-digit combination lock in the Space Station — a team had somehow managed to accidentally reset it…

    Liked by 1 person

  5. Hi David, you say “We’ve seen some very interesting counter brute-force strategies from smart companies.” Can you elaborate?


    1. We’ve seen puzzles that make players derive a solution one digit at a time, but the final puzzle solution makes the player shift the order of those digits. This prevents players from solving most of the puzzle and then brute-forcing the final digit or two.


Allow your thoughts to escape

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s