Presentation is loading. Please wait.

Presentation is loading. Please wait.

Python Diceware Fernando Medina Corey Because Our Passwords Suck

Published byValéria Kelemenné Modified over 5 years ago

Similar presentations

Presentation on theme: "Python Diceware Fernando Medina Corey Because Our Passwords Suck"— Presentation transcript:

1 Python Diceware Fernando Medina Corey Because Our Passwords Suck
@fmcorey | fmcorey.com | github.com/fmcorey

2 Why Care About Passwords?
Interactions Money Code Physical World

3 Attacks on or with the Database
How Attacks Happen Attack Theft Propagation Attacks on or with the Database

4 Password Hashes (stuff in the database)
Password  One Way Hashing Algorithm  Password Hash ‘little red riding hood’  MD5 Hashing Algorithmn = C64d7bb00f804b1cc118f7722c6c67e7 But there are some problems...

5 Testing Hashes -hashlib –md5 -How long does this take?

6 How quick can I calculate these?
-Ran this while talking -Calculates about 144K md5 hashes per second -md5 is fast which is actually bad in this case

7 Master Password Considerations
myp455w0rd Crackers know the ‘schemes’ gophillies Rudolf123 Trillion Guesses Per Second Link In a Chain

8

9 Total Possibilities: 5 Billion
A Sample ‘Formula’ But my passwords are better… Common Book Titles (10 Million) Special Characters (50) Birth Year (10) TheTwoTowers%1990 Total Possibilities: 5 Billion

10 Diceware – Strong Memorable Passwords
Word List of 7776 Words Roll Dice and Write Down Rolls Lookup Random Rolls From Wordlist Generate A Memorable Password!

11 Strength Analysis Each Word has 7776 possibilities
Possibilities Modeled By 7776 ^ n N is number of words in passphrase Four Thirty Minutes Five Five months Six 3,600 Years Seven 27 Million Years Eight The Universe Doesn’t Exist Anymore

12 Writing Python Diceware – Components

13 Messages

14 Validation

15 Generating the Password

16 Putting it together

17 Generating the Password

18

19 Don’t trust me! – Audit my code!
Considerations .bash_history Use Password Managers! Use Two Factor Auth! Don’t trust me! – Audit my code!

20 PRIZES FOR QUESTIONS

Download ppt "Python Diceware Fernando Medina Corey Because Our Passwords Suck"

Similar presentations

Basic Sight Words Easier Words.

Basic Sight Words Easier Words.
What we are doing We are writing a piece of work to finish our work on ‘Stone Cold’ This outline is designed to help you Think P>E>C and try to use quotes.

What we are doing We are writing a piece of work to finish our work on ‘Stone Cold’ This outline is designed to help you Think P>E>C and try to use quotes.
What’s the time, please? What time is it, please? Could you tell me the time, please? It’s… Review.

What’s the time, please? What time is it, please? Could you tell me the time, please? It’s… Review.
The.

The.
Unit 4 – Combinatorics and Probability Section 4.4 – Probability with Combinations Calculator Required.

Unit 4 – Combinatorics and Probability Section 4.4 – Probability with Combinations Calculator Required.
220 Dolch Words.

220 Dolch Words.
1 Special Interest Group March 1st, Korea, Seoul PGP Key Management.

1 Special Interest Group March 1st, Korea, Seoul PGP Key Management.
Zero 0 Show Me Zero One 1 Show Me 1 Two 2 Show Me 2.

Zero 0 Show Me Zero One 1 Show Me 1 Two 2 Show Me 2.
2 nd Grade.  ______ make passwords eight or more characters long.

2 nd Grade.  ______ make passwords eight or more characters long.
BLT #10 1 - 50. go help look at run.

BLT # go help look at run.
The. to and a I you it in said for up look.

The. to and a I you it in said for up look.
Dolch Word List - 220 Directions: This is the Dolch words list. They are 220 words that occur frequently in reading. Your child should be able to recognize.

Dolch Word List Directions: This is the Dolch words list. They are 220 words that occur frequently in reading. Your child should be able to recognize.
Identification Authentication. 2 Authentication Allows an entity (a user or a system) to prove its identity to another entity Typically, the entity whose.

Identification Authentication. 2 Authentication Allows an entity (a user or a system) to prove its identity to another entity Typically, the entity whose.
CLICK THE NUMBERS IN SEQUENCE

CLICK THE NUMBERS IN SEQUENCE
Thinking Deeper SPI 0501.5.7 Determine appropriate inferences and draw conclusions from text.

Thinking Deeper SPI Determine appropriate inferences and draw conclusions from text.
Kindergarten Sight Words. a and to of the I.

Kindergarten Sight Words. a and to of the I.
Sight Words and are a I can for go have he.

Sight Words and are a I can for go have he.
Skip Counting Practice

Skip Counting Practice
The long hand is the minute hand. The short hand is the hour hand.

The long hand is the minute hand. The short hand is the hour hand.
Dolch Word List - 220 Directions: This is the Dolch words list. They are 220 words that occur frequently in reading. Your child should be able to recognize.

Dolch Word List Directions: This is the Dolch words list. They are 220 words that occur frequently in reading. Your child should be able to recognize.

Similar presentations

Ads by Google