Sex, Secret and God: A Brief History of Bad Passwords

Presented at BSidesLV 2017, July 25, 2017, 3 p.m. (55 minutes)

Most of what we've been told over the years about what makes a good password has been wrong, so it's no surprise most people pick bad passwords. This talk will cover the history of password policy and password cracking starting from the days before computers had passwords up to modern password cracking and modern protections against it. Along the way I'll cover Richard Stallman's little-known history as a password cracker, the golden days of password guessing featured in movies like Hackers and WarGames, and draconian IT password policies and why they don't work. By the end everyone should have plenty of ammunition to take back to their IT department and get rid of those horrible password policies.

Presenters:

• Kyle Rankin - Vice President, Engineering Operations - Final, Inc.
  Kyle Rankin is the Vice President of Engineering Operations for Final Inc.; the author of Linux Hardening in Hostile Networks, DevOps Troubleshooting, The Official Ubuntu Server Book, and Knoppix Hacks, among other books; and an award-winning columnist for Linux Journal magazine. He speaks frequently on security and Open Source software including at O'Reilly Security Conference, CactusCon, SCALE, OSCON, Linux World Expo, and Penguicon.

Links:

• https://bsideslv2017.sched.com/event/BNFR/sex-secret-and-god-a-brief-history-of-bad-passwords
• https://infocon.org/cons/Security BSides/BSides Las Vegas/Bsides Las Vegas 2017/Sex, Secret and God A Brief History of Ba.mp4
• https://infocon.org/cons/Security BSides/BSides Las Vegas/Bsides Las Vegas 2017/Sex, Secret and God A Brief History of Ba.eng.srt (subtitles)
• https://www.youtube.com/watch?v=bz6Axn2uF80

Similar Presentations:

• CackalackyCon 2 (2023) / Password Attacks 101: Exploiting Human Weaknesses
• HOPE 2020 Virtual Rescheduled / Password Superpowers: How to Crack Hashes and Stump Hackers
• AppSec USA 2014 / Your Password Complexity Requirements are Worthless