3 Days Left to Get an iPad Air w/ Smart Keyboard, Surface Go, or $300 Off with OnDemand or vLive Training thru 8/21!


To attend this webcast, login to your SANS Account or create your Account.

Passwords and Authentication - Get Up to Speed on Attacks and Defenses

  • Tuesday, November 27th, 2018 at 10:30 AM EST (15:30:00 UTC)
  • Chris Dale
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!


What about passwords and authentication? They are the very core and first line of defense for many of our solutions out there today. How should they be defended in this first line of defense? And how could it be broken?

We will look at how attackers manage to break into companies with very little efforts, leveraging gigantic databases of previous compromises, utilizing online services to create lists of usernames and launching password spraying attacks against these defenses. Very often, once the attacker has one foot inside of a system, things are just so much more insecure and vulnerable, compared to what they are on the unauthenticated side of things.

What about passwords? When asked how they should be stored I normally get the reply of "hashed and salted". Is this entirely true? Is that good enough? We'll look at how to do it. Furthermore, how does a proper hacker store their passwords? With more than 1,000 accounts online, can we practice what we preach in terms of having strong and unique passwords across all services? We will find out in this webcast.

Finally, what about defenses and detection? How can our operations detect successful attacks against our users? And how can we stay one step ahead of the attackers and effectively and securely protect our users before they are even compromised? Solutions coming now...

Hope to see you in this webcast, for some very much needed updates on how to make things right, in terms of passwords and authentication.

Chris Dale is a SANS Instructor and teaches our most popular training course, SANS SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling all throughout the EMEA region.

Speaker Bio

Chris Dale

Chris Dale is a SANS certified instructors and is currently teaching courses on Incident Response and Penetration Testing. He is the head of both Incident Response and Penetration Testing at Netsecurity, a company which serves a multitude of customers within networking, security operations, IR, and Penetration Testing.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.