9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
In this episode of Security Nation, Jen and Tod talk to renowned password security expert Jeremi Gosney about how we are all guilty of bad password practices. He discusses the psychology of how we develop the various words/phrase combinations that become our crackable passwords.
Stick around for the Rapid Rundown, where Tod and Jen dive into a great story for Cybersecurity Awareness Month as well as bad data-governance practices.
Jeremi Gosney is a renowned password cracker and password security expert. He is a member of the Hashcat core development team, the former CEO of the password cracking firm Terahash, and the author of the Pufferfish and hmac-bcrypt password hashing functions. He also helps run the DEF CON Password Village and the PasswordsCon track at Security BSides Las Vegas.
Interview links
Rapid Rundown links
Like the show? Want to keep Jen and Tod in the podcasting business? Feel free to rate and review with your favorite podcast purveyor, like Apple Podcasts.
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P