Difference between revisions of "Is That Password Long Enough?"

From 35C3 Wiki

(Created page with "{{Session |Is for kids=No |Has description=Is my 8-character long password secure? Why or why not? This talk looks into reasonable password lengths. |Has session keywords=netw...")
Line 8: Line 8:
|Has subtitle=Entry to medium level talk
|Has subtitle=Entry to medium level talk
|Has start time=2018/12/28 20:00
|Has start time=2018/12/28 20:30
|Has duration=45
|Has duration=45
|Has session location=Room:Lecture room M1
|Has session location=Room:Lecture room M1
Line 31: Line 31:
For questions please contact [[User:tjal]]
Twitter: @tuikc or  [[User:tjal]]

Revision as of 13:51, 22 December 2018

Description Is my 8-character long password secure? Why or why not? This talk looks into reasonable password lengths.
Kids session No
Keyword(s) network, web, hacking, security, safety
Person organizing Tjal
Language en - English
en - English
Other sessions... ... further results

(Click here to refresh this page.)

Subtitle Entry to medium level talk
Starts at 2018/12/28 20:30
Ends at 2018/12/28 21:15
Duration 45 minutes
Location Room:Lecture room M1

How long does a password have to be in order to be safe: 6 chars, 8, 12, or 20?

How many special characters does it need to include?

There is a consensus that passwords should generally be "long" and "complex" but what level of length/complexity is 'actually' useful?

In this talk I want to talk about reasonable password lengths for passwords that you may use personally or professionally. We will look into how passwords are threatened by brute-forcing and credential stuffing and what influence this should have on a password's length - or not. Other aspects of the talk include two-factor authentification, passwords used for encryption versus passwords used in web services, and strategies against password reusage.


This presentation is an easy to mid-level talk aimed at endusers of the internet, journalists, activists but also software developers, system administrators, and those interested in IT security. People with advanced knowledge of IT security may not learn anything new.


30 Minutes talk, 15 minutes for discussion.


Twitter: @tuikc or User:tjal