Tweet
Friday from 14:00 – 15:50 in Sunset 5 at Planet Hollywood
Audience: Defense Fabian Obermaier
Combo Password is a PoC for using (as the name suggests) key combinations in passwords. There is one nice implication that might justify the increased complexity and other possible gripes: Compared to a normal password, a combo password of the same length has far more possible combinations. This effect is increasing with password length and the number of usable keys. With three available keys and a length of two there are 9 combinations for normal passwords and 15 for combo passwords. Increasing the length to three we get 27 vs 69 combinations. This could lead to less strict password requirements while increasing the security. The goal of this project is to develop a free standard, a browser plugin for using combo passwords in regular login forms and implementations for popular languages, frameworks and PAM. Visit Demo Labs and try to break a real hackers password, there will be a small reward for the fastest brute force tool!
http://combo-pw.tech/ and https://gitlab.com/FalkF/combopassword
Fabian Obermaier
Fabian Obermaier is a software engineer specializing in web technology. He is currently working in the health sector and visits DEF CON to see if his claims hold up against a crowd of hackers. His passions include free and open source soft- and hardware, the web and it's security.
Back to top
Audience: Defense Fabian Obermaier
Combo Password is a PoC for using (as the name suggests) key combinations in passwords. There is one nice implication that might justify the increased complexity and other possible gripes: Compared to a normal password, a combo password of the same length has far more possible combinations. This effect is increasing with password length and the number of usable keys. With three available keys and a length of two there are 9 combinations for normal passwords and 15 for combo passwords. Increasing the length to three we get 27 vs 69 combinations. This could lead to less strict password requirements while increasing the security. The goal of this project is to develop a free standard, a browser plugin for using combo passwords in regular login forms and implementations for popular languages, frameworks and PAM. Visit Demo Labs and try to break a real hackers password, there will be a small reward for the fastest brute force tool!
http://combo-pw.tech/ and https://gitlab.com/FalkF/combopassword
Fabian Obermaier
Fabian Obermaier is a software engineer specializing in web technology. He is currently working in the health sector and visits DEF CON to see if his claims hold up against a crowd of hackers. His passions include free and open source soft- and hardware, the web and it's security.
Back to top