[Security Nation] Jeremi Gosney on the Psychology of Password Hygiene

In this episode of Security Nation, Jen and Tod talk to renowned password security expert Jeremi Gosney about how we are all guilty of bad password practices. He discusses the psychology of how we develop the various words/phrase combinations that become our crackable passwords.

Stick around for the Rapid Rundown, where Tod and Jen dive into a great story for Cybersecurity Awareness Month as well as bad data-governance practices.

Jeremi Gosney

Jeremi Gosney is a renowned password cracker and password security expert. He is a member of the Hashcat core development team, the former CEO of the password cracking firm Terahash, and the author of the Pufferfish and hmac-bcrypt password hashing functions. He also helps run the DEF CON Password Village and the PasswordsCon track at Security BSides Las Vegas.

Show notes

Interview links

• Jeremi on Password Nihilism
• The Rails bug Jeremi referenced

Rapid Rundown links

• Risky Business Newsletter on fake PoCs: “GitHub aflood with fake and malicious PoCs”
• The cited paper: “How security professionals are being attacked: A study of malicious CVE proof of concept exploits in GitHub”
• Also relevant is Honeysploit by Curtis Brazzell

Like the show? Want to keep Jen and Tod in the podcasting business? Feel free to rate and review with your favorite podcast purveyor, like Apple Podcasts.

Want More Inspiring Stories From the Security Community?

Subscribe to Security Nation Today