Most of what we've been told over the years about what makes a good password has been wrong, so it's no surprise most people pick bad passwords. This talk will cover the history of password policy and password cracking starting from the days before computers had passwords up to modern password cracking and modern protections against it. Along the way I'll cover Richard Stallman's little-known history as a password cracker, the golden days of password guessing featured in movies like Hackers and WarGames, and draconian IT password policies and why they don't work. By the end everyone should have plenty of ammunition to take back to their IT department and get rid of those horrible password policies.
Kyle Rankin is the Vice President of Engineering Operations for Final Inc.; the author of Linux Hardening in Hostile Networks, DevOps Troubleshooting, The Official Ubuntu Server Book, and Knoppix Hacks, among other books; and an award-winning columnist for Linux Journal magazine. He speaks frequently on security and Open Source software including at O'Reilly Security Conference, CactusCon, SCALE, OSCON, Linux World Expo, and Penguicon.