Lorrie Faith Cranor: What's wrong with your pa$$w0rd?
Lorrie Faith Cranor studied thousands of real passwords to figure out the surprising, very common mistakes that users — and secured sites — make to compromise security. And how, you may ask, did she study thousands of real passwords without compromising the security of any users? That's a story in itself. It's secret data worth knowing, especially if your password is 123456 ... TEDTalks is a daily video podcast of the best talks and performances from the TED Conference, where the world's leading thinkers and doers give the talk of their lives in 18 minutes (or less).
Comments
-
Why people need to remember passwords? Everybody has dozens of accounts, it's just impossible to remember. Use password managers with randomly generated passwords and remember just one strong password to unlock this program. Videos like this just confuse people. I don't believe many people can remember at least 10 good passwords and where they were used.
-
The password criteria for the different sites and services should be visible when you log in. It is so annoying trying to log in and not remember if this site required two symbols or a minimum of 8 characters.
Ideas for passwords: an animal + a thing in the kitchen: dolphinwhisker, hippojarlsberg.
-
With the current state of GPU rainbow attacks on hashed passwords, any password that can be remembered is probably not safe.
-
I li
-
It doesn't matter how "secure" your password is, because most people get "hacked" through stupidity. Key loggers, phishing, telling people their password. It's rare for everyday individuals to actually be hacked. It's more likely a server storing the passwords would be hacked, than an individual.
-
My strongest password has 25+ characters written in 3 languages and gibberish with symbols.
-
So.... what would our password be to be strongest and safest??
-
IF YOU HAVE A LOT OF PASSWORDS USE LASTPASS OR ROBOFORM. USELESS TED TALK.
-
Carnegie Mellon are keeping plaintext passwords? :s
-
I don't understand why thumbprint or retinal scanners have not become more ubiquitous. They would go a long way towards more universally secure authentication systems.
-
That's a whole lotta idiots carrying luggage.
-
the communication industry is actively forcing their users into creating such complicated passwords that the user in frustration will readily accept biometric scans.
once this is accepted everyone literally becomes a number that can be deleted.
the password problem is bullshit
I know people who have had the same 4 digit numeric password to their bank account for more than a decade.
-
Personally, I don't know why she went off of research instead of contacting a hacker or an advanced computer programmer for insight. I believe they should focus on what the hackers go through as well. I don't hack but I know how to roll out hashes and stuff. But you can still crack long passwords, it just takes more time. Nothing is uncrackable, though the more symbols and stuff you have the longer it takes to crack, so that's why it's recommended. Hashes take a while to run through programs, at least for me, depending on length chosen.
-
Wouldn't using a physical characteristic like iris, fingerprints or DNA codes be better? Will passwords just be a thing of the past?
-
I think that free and great software like KeePass should be more popular when it comes to passwords and online/offline security.
1. You can generate a 20 characters long password that is hugely complex, like upper + lower + digits + minus + underline + specials (!, $, %, & ...) + brackets.
2. You can keep them all saved up together in one single file that could be easily shared via Dropbox, Google Drive, etc.
3. You can encrypt that file (database) with a password and a key file. Key file that you can carry around on a memory stick.
All you have to remember after that are just the 2 passwords you will ever need to remember in your entire life:
1. the OS password
2. the KeePass database password (repetition of the first one, NOT recommended).
I have used this system since 2010, it didn't let me down once. And I don't bother with inventing new "secure but easy to remember" passwords anymore.
-
Password requirements just decrease security for intelligent people.
If I try "To be or not to be, and the answer is 42 (h1tc##1K3r'z_Gvid3)", the system will reject it on the basis that it contains dictionary words. If I cut it down to "(h1tc##1K3r'z_Gvid3)", the system will accept it. Is the latter more secure than the former??
-
Password, I choose you!
-
LastPass is the best program ever for managing complex, randomly generated passwords! I never remember my password, only the master password of LastPass. Yet with second factor authentication like YubiKey, things are getting even better!