Posted
08.05.2015

* PasswordsCon: Live from the conference that’s all about passwords

It’s 99 degrees at about 9:30 pm here in Vegas, as I complete my first day at PasswordsCon, which is technically a “track” at a larger two-day hacker conference called BSides Las Vegas. (The mother of all hacker conferences, DEFCON 23, begins on Thursday and I’ll be sweltering at that, too.)

My interest in passwords and authentication rose dramatically last fall, after my piece on StateoftheNet.Net, The Big Password mistake that Hackers are Hoping You’ll Make, also went viral on both Huffington Post and Alternet. Clearly, the subject is of great interest to the public.

So here I am at an event devoted entirely to passwords.

Today, I attended these talks, which I’ll discuss in more detail in follow-up posts:

Password Privacy and Keystroke Dyamics

Unspeakable Passwords

Pushing on String: Adventures in the ‘Don’t Care’ Regions of Password Strength

What Would Fix Passwords?

Tell Me Who You Are and I Will Tell You Your Lock Pattern

Scrutinizing WPA2 Password Generating Algorithms in Wireless Routers

Some of these talks were quite accessible to someone like me who lacks any serious expertise in hacker techniques, while other talks were quite technical. I’ll give you the gist of what all of them mean to the average person. I did learn a lot from these talks about:

Ways of tracking users online that I hadn’t dreamed of (and I’ve been covering online privacy for 20 years!)

Why password strength isn’t always as important as it’s cracked up to be

Just how weak Android lock patterns can be

How we humans’ predictability and laziness undermines so much of online security

How truly lousy router security remains

On day two of PasswordsCon, I’ll be hearing about, among other things, those annoying security questions we all have to answer, forgotten passwords, multi-word pass phrases and whether you actually need passwords.

I must give a big shout out out here to Genevieve Southwick (@Banasidhe), Executive Producer and President of the Board of Security BSides Las Vegas, Inc., who helped me get my credentials for BSidesLV after I had royally screwed up my registration process. Thanks, Genevieve!

 

Comments are closed.

Tweets

@elonmusk Why you don't STFU already?? Go back to your apartheid homeland, asshole.
- Saturday Dec 17 - 4:03am

@elonmusk Cut the shit already asshole. Your stupid, phony "polls" mean nothing to anyone with a brain & education.… https://t.co/UDPfCXCoPm
- Saturday Dec 17 - 12:10am

@SenatorLorettaW @GOPLeader And then they'll go about their usual GQP BS.
- Saturday Nov 26 - 1:40am

@SWCEAGLE @elonmusk Yeah, an 8-inch "cigar" really makes the man. 🤮
- Friday Nov 25 - 7:39pm

SUPPORT

STATE OF THE NET.NET

Buy Jeff’s baseball book as a gift for a Yankees fan in your life.
100% of the pub- lisher royalties will be used to support this site.

find us on facebook
Designed by RocketWP WordPress CMS & SEO Services