Honeywords - Detectable Password Theft

Explore the concept of "Honeywords" as a solution to detect password theft in this 16-minute Security BSides London talk by Gavin Holt. Learn about the implementation of Honeywords, which function similarly to network Honeypots by seeding fake passwords to flag unauthorized usage. Discover how this technique can help identify password breaches, potentially trigger automated risk mitigation actions, and prevent password dumps from being used across multiple services. Delve into topics such as plain text passwords, hacker tactics, database creation, scaling strategies, workflow integration, API implementation, and the benefits of user awareness in enhancing overall password security.

Introduction
Why is passport safe
Password theft
Plain text passwords
How do you know
Hackers are sneaky
Implementing Honeywords
Creating a database
Scaling up
Workflow
knowway
API
Benefits
User Awareness
Summary