Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Wednesday, July 26 • 10:00 - 10:55
Safer Storage and Handling of User Answers to Security Questions

Sign up or log in to save this to your schedule and see who's attending!

Tweet Share
Feedback form is now closed.
Feedback Survey
Like it or not, security question password reset isn’t going away. Most organizations find it to be a cost effective approach that seems to work in practice. While there are many problems with this approach, one has received little attention: how to safely store the answers. I show that common methods used for storing password validation information are not suitable for security questions, and propose better alternatives.
Presenters
avatar for Arnold Reinhold

Arnold Reinhold

A G Reinhold
Arnold Reinhold has been involved with password and passphrase security since the mid-1990s. He is the developer of Diceware, RockSalt, CipherSaber and HEKS, the first password hash designed to consume memory resources as well as CPU time. | | He has worked on spacecraft nav... Read More →

Wednesday July 26, 2017 10:00 - 10:55
Ground1234! (The Tuscany, Tuscany Room) 255 E Flamingo Rd, Las Vegas, NV 89169
  Ground1234!, Talk