Highlights of CMU's Recent Work in Preventing Bad Passwords
Offered By: YouTube
Course Description
Overview
Explore the latest research on preventing weak passwords in this conference talk from PasswordsCon 2014. Dive into the current state of password security, examining password requirements, measuring security, and analyzing guessability. Learn about the collection and responsible handling of real, high-value passwords, and compare their characteristics to simulated data. Discover techniques for measuring password strength, including the use of Probabilistic Context-Free Grammars (PCFGs) for long passwords. Investigate the effectiveness of password strength meters and gain insights into ongoing work in the field. Join Sean Segreti and Blase Ur as they present highlights from Carnegie Mellon University's recent work on creating more secure and usable password policies.
Syllabus
The posswords
Current state of affairs Password Requirements
Measuring security
Weir et al.'s PCFG
Guess number graphs
Usability metrics
Collecting passwords
Real, high-value passwords
Accessing data responsibly
Collected vs. real passwords Real CMU passwords
Metrics for comparison
Characteristics vs. strength
Guessability by affiliation
Measuring password strength by simulating password-cracking algorithms
PCFG for long passwords
Long password policies
Visual differences
Scoring differences
Password strength meters
Ongoing work
The continuing quest for secure and usable passwords
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network