[NBLUG/Announce] NBLUG May 9th - Sex, Secret and God: A Brief History of Bad Passwords (Kyle Rankin)

Allan Cecil allan at nblug.org
Tue Apr 18 15:05:55 PDT 2017


Topic: Sex, Secret and God: A Brief History of Bad Passwords
When: Tuesday May 9th, 7:30 PM to 9:00 PM
Speaker: Kyle Rankin

Location: O'Reilly Media, Sebastopol CA in the Tarsier conference room
past the metal statue and to the right ( http://nblug.org/locations )

Description:
Most of what we've been told over the years about what makes a good
password has been wrong, so it's no surprise most people pick bad
passwords. This talk will cover the history of password policy and password
cracking starting from the days when Richard Stallman hacked the passwords
forced on his MIT computer lab because he considered passwords an
authoritarian method of control. Next I'll discuss the golden days of
password guessing featured prominently in movies like Hackers and WarGames.

Then I'll move to the tech boom and the introduction of draconian IT
policies like password rotation and password complexity and the dirty
little leet-speak password secrets they led to. As we get closer to the
modern day I'll discuss the "correct horse battery staple" password
renaissance and more modern approaches to password cracking spawned by
tools like oclhashcat and giant password database dumps like the RockYou
hack.

I'll finish up with modern attempts to fix the password auth problem such
as new approaches to secure password generation in password managers or
schemes such as diceware as well as cover password auth reinforcements like
the different forms of 2FA (including U2F) and Facebook's new approach to
"I forgot my password" workflows. By the end everyone should have plenty of
ammunition to take back to their IT department and get rid of those
horrible password policies.

