Webcast: Passwords: You Are the Weakest Link

Why are companies still recommending an 8-character password minimum? 

Passwords are some of the easiest targets for attackers, yet companies still allow weak passwords in their environment. Multiple service providers recommend 8-character minimum passwords based on outdated data. 

Download Slides: https://www.activecountermeasures.com/presentations

3:26 – In The Beginning

4:23 – What The Experts Say: PCI

5:55 – What The Experts Say: Microsoft

9:29 – What The Experts Say: NIST

16:01 – What The Experts Say: Google

16:28 – What The Experts Say: Apple

16:42 – Still More Experts

17:49 – Why 15 Characters

18:06 – Brute Force, Password Spray

22:48 – Password Cracking

23:25 – A Hashing Algorithm, More About Hashes

25:49 – So What Is Password Cracking

27:16 – Windows Hashes, The LM Hashing Algorithm, “LM Hash Is “”Weak””, LM Vs. NTLM Cracking

31:14 – Why 15 Character Passwords – Answer, CJ’s Response to the Problem

36:32 – Let’s See the Math, Examples

40:30 – From the Field

45:03 – Take-Aways

48:33 – Audience Questions & Comments

Because of newer attack methods and increased computing power, password minimums need to be increased to 15 characters to keep networks safe. 

On this BHIS Webcast, Darin & CJ discuss:

  • Current password policies: BHIS recommendations, Microsoft, Google, Apple, NIST
  • Why do we recommend 15 characters – brute force, password crack, LM Hash
  • Passphrase vs. password
  • Recommended password policy summary

Wild West Hackin’ Fest – Most Hands-On Infosec Con!

WWHF_Promo_Image_BLOGS.png

Join us at Wild West Hackin’ Fest in Deadwood — September 23-25th, 2020. Learn more: https://www.wildwesthackinfest.com/


Join the BHIS Blog Mailing List – get notified when we post new blogs, webcasts, and podcasts.

Join 2,573 other subscribers