In 2016, 376 million user accounts were exfiltrated from 3 websites. Large-scale data breaches of users' e-mail addresses and passwords are becoming more common. If your company is the victim of one of these attacks, it could damage your customers and your company's reputation. This summer camp pow-wow is for developers, architects and server teams who must secure their customers' security credentials. Rather than just relying upon preventing the attack, we will focus on mitigating the damage should you fall victim to a breach. We will look at:

• "Password math" that shows you how the choices you make can have a dramatic effect on the strength and security of the passwords that you store
• The pattern that you SHOULD be using to securely store passwords and some code to implement it (C# - but it works in any language!)
• The tools and hardware that the "bad guys" use once they have exfiltrated the data
• The exploits that come from data other than just the password (Hint: The password hint can be a really bad idea!)

In addition to looking at the code you should be writing, we will also give you the tough questions to ask your vendors if you are using packaged systems or Software as a Service solutions.
Password security: You might be doing it wrong
That Conference 2017
Day: Wed, Aug 9 Time: 2:30 PM Location: D
Level: 300 Primary Category: DevOps Secondary Category: Other
Tags: security, passwords, Hashing, cybersecurity, ethical hacking