Explore the evolution of password security in this comprehensive conference talk from OISF 2015. Delve into the history of password hashes, examining common mistakes and their long-lasting consequences. Learn about key concepts such as watchwords, veneers, and the importance of proper hashing techniques. Investigate various password storage methods across different systems, including Unix, VMS, and NTLM. Gain insights into password cracking tools, shadow files, and modern system vulnerabilities. Discover the impact of rainbow tables, local admin access, and GPU cracking on password security. Understand the critical role of password hashes in protecting sensitive information and the ongoing challenges faced by cybersecurity professionals.
Overview
Syllabus
Intro
Password History
Reinvent the Wheel
Mistakes are Forever
Watchwords
The Israelites
Veneer
swordfish
salsacoast
Passwords
Unix
Why Password Hashes
What is a Hash
VMS
NTLM
Rights Law
Password Cracking
Cracking Tools
Shadow File
Modern System
PWL Files
Domain Storage
Sniffers
PHP
Rainbow Tables
Password Hashes
Local Admin
Mimicat
GPU Cracking
