Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Welcome to BSidesLV 2016, our 8th annual BSides in beautiful Las Vegas, Nevada!
View analytic
Wednesday, August 3 • 14:00 - 14:50
Modeling Password Creation Habits with Probabilistic Context Free Grammars

Sign up or log in to save this to your schedule and see who's attending!

People are not good at being unpredictable. It’s common knowledge that with passwords certain words are more common than others. Same goes for mangling rules. The problem comes into incorporating that knowledge into real world use cases. Probabilistic context free grammars (PCFGs) are one approach that can help turn the way we talk about password creation habits into how we actually model them. While the most obvious use for these techniques is to crack passwords, PCFGs also show promise with generating honeywords, (synthetic passwords), and designing more user friendly and secure password creation policies. To put it another way, by more effectively modeling how users create passwords we can design better security solutions.

This talk will focus on recent advancements with using PCFGs in the area of password research.

Speakers
avatar for Matt Weir

Matt Weir

Mitre
I've been cracking passwords for about 10 years now. I got my start working in the E-Crimes and Investigative Technologies (ECIT) lab at Florida State University, and I've been obsessed with building and breaking authentication systems ever since. I've been the local rep for the John the Ripper team at numerous Defcons though I'm also a huge fan of Hashcat. I also enjoy reading academic papers and trying to figure out how to use their findings in... Read More →


Wednesday August 3, 2016 14:00 - 14:50
Passwords16 Tuscany