Using Lockpicking to Teach Authentication Concepts

BSidesLV 2018

Presented by: Kat Sweet
Date: Wednesday August 08, 2018
Time: 10:00 - 10:55
Location: Ground1234!

When we teach security, we often face challenges in conveying our knowledge to a non-security audience. Ideas such as authentication bypass, password uniqueness and complexity, and defense-in-depth are abstract and can be difficult to grasp for those who aren’t already well-versed in the language of security. We need novel approaches to teaching security that go beyond language.Driven by the educational theory of embodied cognition — using hands-on, concrete metaphors to build a better understanding of abstract concepts — I explore teaching lockpicking alongside teaching authentication and security concepts. As security professionals, we deal largely in abstractions, but experiencing physical representations of those abstractions helps solidify understanding of them, both for us and for end users.

Kat Sweet


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats