PRESENTATION: William Cheswick, AT&T, on passwords

Previously on Risky Business...
20 May 2008 » Risky Business Extra

In this AusCERT presentation by AT&T staffer and security legend Bill Cheswick says passwords, as they exist today, are dead. While it might not be the most original topic, Cheswick's presentation is a lot of fun.

He worked on early firewalls and honeypots at Bell labs in the 80s, and has since done a bunch of interesting stuff including thew internet mapping project. Have you ever heard of a network being described as crunchy on the outside and gooey on the inside? Well, that came from a USENIX paper Cheswick wrote in the early 90s. He's also an excellent speaker.

So here's his AusCERT talk, where he spends the first minute and a half reading from various password policies... bear with him though, it's a great presentation.