Ion Todd - Password Security for humans

Password security is something which is always in the back of our minds, we know that the best practice is to use a password manager and have unique, random passwords for each account, but this advice can be hard to follow. With sites such as Linkedin, Dropbox, Ebay, Steam and Ashley Madison having their databases dumped, the question is not “will my password be compromised?” but “When?”. Services like HaveIBeenPwnd makes it easy to find out when one’s passwords have been compromised, but how should everyday users respond to breaches and how do humans choose and manage passwords securely? This talk aims to explain the importance of unique passwords and what the impact of bad password hygiene can be. We will then take a look at how attackers exploit/use weak passwords in order to come up with reasonable recommendations for choosing secure passwords.