Every other week there seems to be a new dump of cracked passwords, hurting innocent and unsuspecting users. It seems as if keeping users’ passwords safe is a herculean task, beyond even the most resourceful organisations. However, it doesn’t have to be.
Password hashing is an important discipline in cryptography. Securing passwords has become so integral to our society that in 2013 a Password Hashing Competition was announced, for the academic community to band together and develop a common recommendation for future use. In this talk I’ll showcase how to handle passwords correctly and safely, and clear up the misinformation that still abounds in tutorials and blog posts. All with heaps of demos to motivate, make the material concrete, and let everyone follow along!