YoVDO

Rethinking Password Strength Beyond Brute-force Entropy

Offered By: BSidesLV via YouTube

Tags

Security BSides Courses Cybersecurity Courses Entropy Courses Password Management Courses Password Security Courses

Course Description

Overview

Explore the complexities of password security in this 32-minute conference talk from BSidesLV 2017. Delve into the limitations of traditional password strength metrics, examining why entropy calculations and brute-force resistance alone are insufficient. Investigate the impact of password rotation policies, the fallacy of relying solely on length, and the importance of considering human behavior in password creation. Learn about alternative approaches to measuring password strength, including the diceware method, and gain insights into creating more effective security policies. Discover why common practices like using usernames as passwords pose significant risks, and understand how to better educate users on secure password practices.

Syllabus

Intro
Why Do I Password?
Entropy of Password Lists
I hate rotating passwords!
Long Passwords Won't Save You
Alice Teaches Bob About Security
Bad Passwords, Usernames
Measuring Entropy
What was that diceware thing?


Taught by

BSidesLV

Related Courses

Statistical Molecular Thermodynamics
University of Minnesota via Coursera Thermodynamics
Indian Institute of Technology Bombay via edX Introduzione alla fisica sperimentale: meccanica, termodinamica
Politecnico di Milano via Polimi OPEN KNOWLEDGE Statistical Thermodynamics: Molecules to Machines
Carnegie Mellon University via Coursera Engineering Thermodynamics
Indian Institute of Technology Kanpur via Swayam