YoVDO

Toward Better Password Requirements

Offered By: BSidesLV via YouTube

Course Description

Overview

Explore the evolving landscape of password security in this 57-minute conference talk from BSidesLV 2016. Delve into Jim Fenton's insights on improving password requirements, covering topics such as the SP 800-63-3 update, guiding principles, and standards language. Learn about crucial aspects of password management, including maximum length, character sets, composition rules, and dictionary usage. Examine the implications of verifier storage, secret display practices, and memorized secret expiration. Gain understanding of pre-registered knowledge, out-of-band authenticators, and the role of biometrics in modern authentication. Engage with the ongoing conversation surrounding password security and discover strategies for implementing more effective password policies.

Syllabus

Intro
Disclaimer
A little about SP 800-63
The SP 800-63-3 update
Guiding principles
Standards language
What's in and out in 2016?
Maximum length
Space characters
Character set
Hints and prompts
Throttling
Composition
Dictionaries: questions
Dictionary investigation
Dictionaries: takeaways
Verifier storage
Displaying secrets
Memorized Secret expiration
Pre-registered knowledge
Out of Band authenticator
SMS as OOB authenticator
Biometrics
Join the conversation


Taught by

BSidesLV
