Why does everyone want to kill my passwords?

BSidesLV 2016

Presented by: Mark Burnett
Date: Tuesday August 02, 2016
Time: 18:00 - 18:50
Location: Tuscany
Track: Passwords

We get it, passwords are a problem. They're a pain to remember, they're always too short (or too long), and the people we trust them with can't even seem to keep them out of hackers' hands. But are the alternatives any better?

Hardly a day goes by that I don't see an article claiming that it's time to kill the password and some new product promises to finally do just that. But how secure and usable are these solutions?

I set out to find this out for myself, trying out as many password killers as I could find for an extended review of how well they work in real-life scenarios.

Some of these products are meant to make passwords easier to use, some make them more secure, and some intend to replace them completely. Some of the products really sucked, but others do show some potential.

In this talk will explain what it was like living with these various authentication tools and what I learned about multifactor authentication.

Mark Burnett

Mark, aka m8urnett, is an independent security analyst with over 15 years of industry experience. He is author of several security books--including Perfect Passwords--and has written for many web sites, newsletters, and print magazines. While much of his day job involves application and OS security, he has a particular passion for passwords and authentication technologies.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats