An overview of passwords, bad passwords, password managers and ways to make it better.

1. PA S S W O R D S A R E D E A D
P R O D E V D AY - 2 1 S E P T E M B E R 2 0 1 8
L O N G L I V E T H E PA S S W O R D

2. T
H
E
PA
S
S
W
O
R
D
I N T H E B E G N N I N G , T H E R E WA S

3. A N D I T H A D O B S C U R E R U L E S

4. A L L T H E S E
R U L E S G O T U S
S O M E T R U LY
E X C E L L E N T
PA S S W O R D S
( N O T )
• The top 15 passwords on the 2017 list:
• 1. 123456 (Unchanged)
• 2. Password (Unchanged)
• 3. 12345678 (Up 1)
• 4. qwerty (Up 2)
• 5. 12345 (Down 2)
• 6. 123456789 (New)
• 7. letmein (New)
• 8. 1234567 (Unchanged)
• 9. football (Down 4)
• 10. iloveyou (New)
• 11. admin (Up 4)
• 12. welcome (Unchanged)
• 13. monkey (New)
• 14. login (Down 3)
• 15. abc123 (Down 1)

5. N AT I O N A L I N S T I T U T E O F
S TA N D A R D S A N D T I M E
F R O M T H E F I N E F O L K S AT N I S T
N I S T 8 0 0 - 6 3 - 3
1) Remove periodic password change requirements
2) Drop the algorithmic complexity song and dance
3) Require screening of new passwords against lists of
commonly used or compromised passwords

6. THEPASSPHRASE
E N T E R :
CHEESE
MOOSE
HOTEL
ISHTAR

7. THEPASSPHRASE
E N T E R :
CHEESE MOOSE HOTEL ISHTAR

9. A L O N G , C O M P L E X PA S S W O R D
T H E O N LY T H I N G B E T T E R I S :
T H AT Y O U D O N ’ T H AV E
T O R E M E M B E R

10. Fully Private
Fully Secure
Fully Open
Fully Collecting
Utility
???
Uninformed
What do I pick?
Huge utility, huge
data disclosure
B A L A N C E
B U T F I R S T, A W O R D O N

11. Fully Private
Fully Secure
Fully Open
Fully Collecting
Utility
Better informed
Still want utility
Might make better
choices
It’s clear what is collected
It’s clear what it is used for
It’s clear who they share it with
It’s clear how long they keep it
It’s presented so that average beings
can read it quickly and clearly
B A L A N C E
B U T F I R S T, A W O R D O N

12. OMG!
I can use w/o sharing
everything?
I can decide what to
share?
Fully Private
Fully Secure
Fully Open
Fully Collecting
It’s clear what is collected
It’s clear what it is used for
It’s clear who they share it with
It’s clear how long they keep it
It’s presented so that average beings
can read it quickly and clearly
Utility
B A L A N C E
B U T F I R S T, A W O R D O N

13. Fully Private
Fully Secure
Fully Open
Fully Collecting
I can trust because I’ve verified
They do what they say they do
More value, more control
Data security practises
Depersonalisation (and even better,
aggregation)
Retention (GET RID OF IT FAST!)
Use an identity that user’s care about
and protect
Utility
B A L A N C E
B U T F I R S T, A W O R D O N

14. T H E PA S S W O R D M A N A G E R
E N T E R :

16. K E Y F E AT U R E S O F
PA S S W O R D
M A N A G E R S T O D AY
• Secure storage of info
• Syncing across devices
• Generate strong passwords
• Show password re-use
• Check for weak passwords
• Desktop & Mobile Support
• One Password to Rule Them All
• Amaze Your Friends with Password
Filling Speed

17. – D A N I E L AYA L A
“A demo is worth 1000 questions”

18. U N S A F E AT A N Y S P E E D
S M S F O R 2 FA I S

20. G O O G L E 2 FA

21. A P P L E 2 FA

22. D U O 2 FA

23. D U O F R E E E D I T I O N
https://duo.com/pricing/duo-free

24. A
RE
BELO
N
G
TO
U
S
A L L Y O U R K E Y S

26. MAINTENANCE
O N G O I N G

27. P W N E D ?
H AV E I B E E N
https://haveibeenpwned.com/

28. S O T E L L M E …

29. USETHETOOLS,
LUKE

30. D
O
N
’T
F O R T H E L O V E O F A L L T H I N G S S E C U R E A N D H O LY
PA
SSW
O
RD
S

31. And never ever eat pears!
R E - G E N E R AT E
D O N ’ T R E - U S E ,

32. R E - G E N E R AT E
D O N ’ T R E - U S E ,

33. P R I VA C Y
Y O U D I D N ’ T T H I N K I W O U L D G O A W H O L E TA L K W / O M E N T I O N I N G
https://www.entrepreneur.com/article/320105

34. – S G T. E S T E R H A U S
“Let’s be careful out there”
https://vimeo.com/232565071