Overview
Explore the security of multi-word random passphrases in this 30-minute conference talk from BSidesLV 2015. Delve into the concept of passphrases, including pseudonatural language phrases and similar information. Learn about password cracking techniques and methods for estimating passphrase strength. Compare different types of passphrases and examine the impact of word choice on security. Discover strategies to increase passphrase strength, including optimal length and resistance to shortcuts. Analyze cracking time estimates and consider Bruce Schneier's insights on password usability. Discuss appropriate use cases for passphrases in various sectors, such as retail and finance, while avoiding unnecessary complexity.
Syllabus
Introduction
What are passphrases
Pseudonatural language phrases
Similar information
Dice
KDC 936
Password cracking
How do we estimate strength
Comparing Passphrases
The Words
How to Increase Password Passphrase Strength
Password Passphrase Length
Cracking Time
Shortcuts
Resistance
Bruce Schneier
Password Usability Resource
Retailers
Financials
When to use them
Avoid unnecessary maximals
Taught by
BSidesLV