Emerging Trends - Threat & Technology

F4: Passwords—Take the Red Pill

Thursday, June 8, 2023 2:45 PM - 3:45 PM

Room 506


The problem with hashing passwords lies not with the strength of the hash function but with the nature of the population of the values to be hashed. Learn how memory-hard hashing can resist off-line attacks by specialized processors. Can asymmetric encryption, FIDO2, and your phone make all your password woes go away? And what does PCI DSS 4.0 have to say about all of this?

Learner Objectives

—learn why stored passwords are under increasing threat —learn the current guidance on password management —learn about stronger methods to protect stored passwords —learn about PCI DSS 4.0's requirements for passwords —learn if the future is password less