Toward Better Password Requirements

BSidesLV via YouTube

Overview

Explore the evolving landscape of password security in this 57-minute conference talk from BSidesLV 2016. Delve into Jim Fenton's insights on improving password requirements, covering topics such as the SP 800-63-3 update, guiding principles, and standards language. Learn about crucial aspects of password management, including maximum length, character sets, composition rules, and dictionary usage. Examine the implications of verifier storage, secret display practices, and memorized secret expiration. Gain understanding of pre-registered knowledge, out-of-band authenticators, and the role of biometrics in modern authentication. Engage with the ongoing conversation surrounding password security and discover strategies for implementing more effective password policies.

Syllabus

Intro
Disclaimer
A little about SP 800-63
The SP 800-63-3 update
Guiding principles
Standards language
What's in and out in 2016?
Maximum length
Space characters
Character set
Hints and prompts
Throttling
Composition
Dictionaries: questions
Dictionary investigation
Dictionaries: takeaways
Verifier storage
Displaying secrets
Memorized Secret expiration
Pre-registered knowledge
Out of Band authenticator
SMS as OOB authenticator
Biometrics
Join the conversation

Taught by

BSidesLV
