Why Your Password Policy Sucks - Improving Security Through Better Practices

Explore the flaws in common password policies and learn effective strategies for improving cybersecurity in this 51-minute conference talk from Outerz0ne 2011. Delve into real-world examples of password vulnerabilities, understand how users create patterns in their password choices, and examine recent high-profile data breaches. Discover the power of GPU-accelerated password cracking tools like Oclhashcat and cudaHashcat, and gain insights into advanced attack methodologies. Conclude with practical solutions for enhancing password security and overall system protection.

Intro
What are we going to cover?
What's Wrong With Passwords
But we have a password policy
Lets Look at a Real World Examp
People Make Choices Based on Patte
So Why Does this Bad Password Policy Happen?
So How Can Leverage This Info
Brute force vs. Known Policy
Last Few Years Top Breaches
Password Masks
Output of top 5 breaches
So How Does all this Info Help us
Password Cracking Attack Methodola
Crack Me if You Can
Using the GPU to Crack Password
What's better?
Oclhashcat - How does it work?
cudaHashcat Examples
cudaHashcat Rule Examples
Ocalhashcat+ Example
Solutions