Description: Abstract:For end users we have been trying to get users to understand the importance of constructing good passwords. We provide guidance on what a good password is (even though the guidance that I have seen is still usually unacceptable in most places when compared to NIST guidelines). We spend a lot of time telling the user to “do this because security experts advise it, or it’s part of our policy” but we don’t really provide an incentive or an understanding of why we tell them to do this. Well humans are programmable, and the best way to see the human brain is to look at it like a Bayesian network. It requires training for it to adapt to change, and repeated consistent data to be provided. Gmail and LinkedIn and the likes all offer 2-factor authentication but the percentage of adoption is low. One thing I’ve learned about humans is that in most cases, they will take the path of least resistance when it comes to change management, and only when applied pressure (road block is a nice way of putting it) or a reward is offered does this usually disrupt this path.
For More Information Please Visit : - https://passwordscon.org/vegas/
http://www.irongeek.com/i.php?page=videos/passwordscon2014/mainlist
Tags:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.