DEF CON Forum Site Header Art

Announcement

Collapse
No announcement yet.

Combo Password

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Combo Password

    Friday from 14:00 – 15:50 in Sunset 5 at Planet Hollywood
    Audience: Defense Fabian Obermaier


    Combo Password is a PoC for using (as the name suggests) key combinations in passwords. There is one nice implication that might justify the increased complexity and other possible gripes: Compared to a normal password, a combo password of the same length has far more possible combinations. This effect is increasing with password length and the number of usable keys. With three available keys and a length of two there are 9 combinations for normal passwords and 15 for combo passwords. Increasing the length to three we get 27 vs 69 combinations. This could lead to less strict password requirements while increasing the security. The goal of this project is to develop a free standard, a browser plugin for using combo passwords in regular login forms and implementations for popular languages, frameworks and PAM. Visit Demo Labs and try to break a real hackers password, there will be a small reward for the fastest brute force tool!

    http://combo-pw.tech/ and https://gitlab.com/FalkF/combopassword

    Fabian Obermaier
    Fabian Obermaier is a software engineer specializing in web technology. He is currently working in the health sector and visits DEF CON to see if his claims hold up against a crowd of hackers. His passions include free and open source soft- and hardware, the web and it's security.
    Back to top
    Last edited by heisenberg505; July 7, 2019, 10:21.
Working...
X