Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

RSAC 2015: RSA Conference (Day 4)

Steve Ragan | April 24, 2015
Today's the final day for a majority of the action at RSAC. There's plenty happening tomorrow, but the expo halls close today, so most of the crowd will be heading home soon.

The fifth hash was a phrase, which had some degree of randomness. It will eventually be cracked — I just didn't give them enough time to do it.

  • 1E091A88703C6AE122D27142B7FA560C (Mju765tgb)
  • 2AC9CB7DC02B3C0083EB70898E549B63 (Password1)
  • 161EBD7D45089B3446EE4E0D86DBCF92 (P@ssw0rd)
  • 32F6BDC00ADB77635E78FF8CAB9D7DFD (Zaq123edc)
  • E26EB03A0A62B42C37CD44833178099E (Steve'sjobiswithIDG1234)

"Passwords are not going away any time soon, so what we need is a stopgap; and passphrases are one possible solution," said Garret Picchioni, security consultant with Trustwave.

"They provide a win-win alternative for both the end user and the organization itself. For the organization it's a win because passwords of a required length overcome many technological cracking techniques that exist today. For the user, it's a win because it's a password they can remember."

There's nothing wrong with using a weak, easily broken password on a website that isn't all that important, especially if you save long, random passwords for the websites that matter — like a bank.

I'm still a fan of password managers, as they only require me to remember a single phrase. For the record, my phrase is actually random words separated by other characters. That password I know, the same goes for my throwaway passwords, but I couldn't tell you my VISA password to save my life.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.