Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Wednesday, July 26 • 12:00 - 12:25
Rethinking P@ssw0rd Strength Beyond Brute-force Entropy

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Everywhere you need a password, the requirements follow a basic pattern: X length; must contain (or not contain?!?) lowercase, uppercase, digits, and symbols; must be rotated every Y days. But is that enough? This talk rethinks how we approach password strength, or “entropy”, in the real world.

There are many people who create passwords nonrandomly and think they’re making their passwords look random, but many common “clever” tricks aren’t so, and in fact are very guessable. Rather than calculating entropy as if the passwords were created randomly, we can find new and clever ways of calculating entropy given this knowledge.

Presenters
avatar for Ross Dickey

Ross Dickey

Senior Software Engineer, Rapid7
I am a SysAdmin turned Software Engineer turned DevOp turned security-minded DevOp. I have been in the industry for 14 years but strong into security for over three. Starting around the time of the Ashley Madison hack I've had a passion for passwords, and their use and misuse b... Read More →


Wednesday July 26, 2017 12:00 - 12:25
Ground1234! (The Tuscany, Tuscany Room) 255 E Flamingo Rd, Las Vegas, NV 89169