SBA Live Academy: Policy and Storage with NIST SP800-63b
As our speaker is based in the US, the talk starts at 16.00 CEST!
International Guest Talk
Passwords: Policy and Storage with NIST SP800-63b
by Jim Manico, Founder of Manicode Security & former board member for the OWASP foundation
Everyone involved in software development (developers, team leaders, CISOs in software-oriented companies)
Managing passwords is a critical developer task. Developers tasked with building or augmenting legacy authentication systems have a daunting task when facing modern adversaries. This talk will review some of the changes suggested in NIST SP800-63b the “Digital Identity Guideline on Authentication and Lifecycle Management regarding password policy”. We’ll discuss topics such as credential stuffing and the importance of managing common passwords found in public breaches. We’ll also discuss various strategies around storing passwords using modern algorithms and methods.
– Importance of Password Storage
– Credential Stuffing
– Password Policy Updates from NIST 800-673b
– Password Topologies
– Offline Password Attacks
– Password Cracking
– Password Hashing Strategies
– Password Keyed Protections
– Hard-Coded Passwords and Backdoors
The Program and all details can be found here: SBA Live Academy
About the SBA Live Academy
We are all asked to stay home for the time being.
Invest your home office time in further educating yourself with the SBA Live Academy:
- free of charge
- 3x / week (Tuesday, Wednesday & Thursday)
- 13.00 – 13.30
- 20-minute live talk with one of our IT & Information Security Experts
- Including Q&A on technical and organizational issues
Join our Meetup Group or follow us on LinkedIn or Twitter to get the talk announcement including the link to the live session just before the talk starts!