Why are companies still recommending an 8-character password minimum?
Passwords are some of the easiest targets for attackers, yet companies still allow weak passwords in their environment. Multiple service providers recommend 8-character minimum passwords based on outdated data.
Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_PasswordsWeakestLink.pdf
3:26 – In The Beginning
4:23 – What The Experts Say: PCI
5:55 – What The Experts Say: Microsoft
9:29 – What The Experts Say: NIST
16:01 – What The Experts Say: Google
16:28 – What The Experts Say: Apple
16:42 – Still More Experts
17:49 – Why 15 Characters
18:06 – Brute Force, Password Spray
22:48 – Password Cracking
23:25 – A Hashing Algorithm, More About Hashes
25:49 – So What Is Password Cracking
27:16 – Windows Hashes, The LM Hashing Algorithm, “LM Hash Is “”Weak””, LM Vs. NTLM Cracking
31:14 – Why 15 Character Passwords – Answer, CJ’s Response to the Problem
36:32 – Let’s See the Math, Examples
<a href="https://www.youtube.com/watch?v=MeU4cuj1KZU&t=2430s" target="_blank" rel="noreferrer noopener" aria...
