[talk] Obscurity Vs Security
Sujit K M
kmsujit at gmail.com
Sun Jan 7 00:25:44 EST 2018
I find a usecase which we should check while securing security.
Obscurity. I know we have a way of remembering password/credit
card pins. Some write it down in a book, or personal device. But
we unknowingly remember a change or a failure to authenticate
with a short cut which I call mental calculation. Now that breaks
the contract that it is not an repeated password at the least.
As per me we should check as I call it obscurity while allowing people
to change password. As you would see we might be using a sequence
of alphabets/number/special characters in the password which makes
it easier to crack the password/pin. Any compromise can make it
easier your set of password not just at the compromise location but
at any place where you have made a presence.
More information about the talk
mailing list