Abusing Password Reuse at Scale - Bcrypt and Beyond

Explore advanced techniques for exploiting password reuse vulnerabilities in this BSidesLV conference talk. Delve into the intricacies of password hashing, cracking methods, and the impact of mega breaches on cybersecurity. Learn about offline credential stuffing, strategies for strengthening hashes, and the balance between opportunistic and targeted attacks. Gain insights into improvements in password security, the concept of password streams, and the use of random words in password creation. Engage with a comprehensive agenda covering topics from hash fundamentals to cutting-edge password exploitation techniques, concluding with a Q&A session to address specific queries and concerns.

Intro
Agenda
About me
What is a hash
How do we crack passwords
Making hashes stronger
Mega breaches
Opportunity vs target
Offline credential stuffing
Improvements
Questions
Random Passwords
Password Streams
Random Words