Keep it Simple, Stupid - Why the Usual Password Policies Don't Work, and What to Do About It

Explore a thought-provoking conference talk that challenges conventional wisdom on password policies and offers innovative solutions. Delve into the fundamental problems with common password practices and discover a novel approach that balances risk management with user-friendliness. Learn about the history of password policies, formal password attack models, and the usability challenges associated with passwords. Gain insights from the speakers' experiences implementing their solution, which promises measurable strength improvements and enhanced usability without relying on password aging. Understand why traditional password rules often fall short and how to devise more effective strategies for organizational cybersecurity.