Review – PASSWORD 2014 Conference, December 8-10 2014 in Trondheim

blog_password2014_danach
A wide range around the topic Password was offered at the conference. Password policy, problems of password manager, password strength, password auditing, Rethinking Android Lock Pattern, Behavioral Biometrics, Password Hashing with Salt & Pepper …to name just a few…
Link to the whole agenda
Link to the proceedings

video
It was very interesting and important to look at the issue from many different perspectives.
Otherwise there is always a risk that one might be a little blinkered.
Most of the lectures analyzed existing application or protocols. They analyzed faults and weaknesses. Sometimes it sounded a little bit complacent such like – I’ll see if I can make your sandcastle broken.
A lot of things not working well were enumerated without addressing the potential political and social consequences of not solving these faults.

The password will not die in 2015 – as in all previous years.
But – there is a lack of real advanced and tangible implementations to enable the user to move independently and safely within the cyberspace and to protect users’ credentials in an innovative way.
Based on the conviction that we could offer this, we have expected more discussion and feedback during our session.