DjangoCon US 2017 - hunter2: A Symphony of Password Horror by Lilly Ryan
The year is 2017. We have hoverboards, jetpacks, solar-powered cars, and also so many awful passwords that it’s become trivial for pretty much anyone to have their accounts compromised. We’ve got passwords for our passwords. Eight-year-olds with a dictionary and a set of dice can generate mathematically stronger passwords than most corporations that have your credit card details. We spend our days wandering through endless forests of requirements to come up with something that contains no more than twelve letters, a special character, the eye of a newt, and at least one uppercase letter, only to have it emailed back to us in plaintext if we forget it. And then it goes on a Post-it note on a monitor.
Do not despair - this talk is here to help!
From beginners to experts, all technical folk have the power to build a post-password future. Lilly, an engineer and historian, will guide you through the history of how we got ourselves into this state, and explain why major companies still think that the best way to keep your stuff secure is to poke their heads out of the tree-house and ask you for the secret word. She will then hand you strong technical tools to help your clients and colleagues understand why there are better things out there than “Welcome1!”, and help you work together to bring a small ray of sunshine into our password-saturated world.