Passwords: Cracking, Chaos, and the Future - Evil Mog | Podcast Ep. 105

Joe Carson talks with Dustin Heywood, aka Evil Mog, the Chief Architect of IBM X-Force, IBM's Hacking Incident Response and Threat Intelligence division, and a renowned password security researcher. He studies the movements of access brokers across the criminal software supply chain and warns that credentials are being traded on the Dark Web for pennies on the dollar, stored in Github, and driving the growth of identity-based attacks.

Meanwhile, shared passwords, reused passwords, legacy software, and the growth of AI applications make effective authentication challenging. He and Joe discuss the latest research on the current state of passwords and how they’re evolving for layered authentication and authorization.

In this podcast, you’ll learn how you can move manual password processes into the background and improve security through password managers, passkeys, MFA tokens, FIDO2 and other techniques. If you have questions about passwordless authentication, you’ll want to tune in.


Chapters:

00:00 Introduction and Background
02:18 The Current State of Passwords
03:58 Legacy Systems and Passwords
05:35 Evolution of Passwords
08:11 Risks and Exploitation of Passwords
10:13 Password Reuse and Human Behavior
15:34 Attacker Techniques and API Vulnerabilities
21:27 AI and GPTs in Password Cracking
23:22 Creating Strong Passwords
25:37 Password Management and Rotation
27:30 Enterprise Password Managers
28:57 Securing Personal and Work Lives
32:18 Digital Identity and Authentication
36:02 Extending Security to Families
38:26 Evolution of Passwords and Authentication
42:14 Best Practices for Passwords
45:56 Following Evil Mog's Research

Check out all our cybersecurity podcasts: https://delinea.com/events/podcasts

Follow Joe:
  / josephcarson  
  / joe_carson  

Follow Evil Mog:
  / evilmog  
  / evil_mog  

* *

Want to maximize your organization’s cybersecurity? Join us on LinkedIn and Twitter—we have many great resources for CISOs, BISOs and IT security teams:
  / delinea  
  / delineainc  

See what else we have coming down the pipeline—subscribe to our YouTube Channel:
https://www.youtube.com/c/delinea?sub...

Subscribe to never miss an episode!
APPLE: https://podcasts.apple.com/us/podcast...
SPOTIFY: https://open.spotify.com/show/3ZgT6fg...

#cybersecuritypodcast #passwordsecurity #passwordless