[talk] Obscurity Vs Security

Sujit K M kmsujit at gmail.com
Sun Jan 7 00:25:44 EST 2018


I find a usecase which we should check while securing security.
Obscurity. I know we have a way of remembering password/credit
card pins. Some write it down in a book, or personal device. But
we unknowingly remember a change or a failure to authenticate
with a short cut which I call mental calculation. Now that breaks
the contract that it is not an repeated password at the least.

As per me we should check as I call it obscurity while allowing people
to change password. As you would see we might be using a sequence
of alphabets/number/special characters in the password which makes
it easier to crack the password/pin. Any compromise can make it
easier your set of password not just at the compromise location but
at any place where you have made a presence.



More information about the talk mailing list