Explore the critical issue of password security in this 34-minute conference talk from BSidesSF 2015. Delve into how attackers exploit human weaknesses in password creation and vulnerability to phishing, and learn about the shift towards breaching websites to steal user databases. Examine common weaknesses in user database implementations through real-world examples. Analyze a well-known 2014 database dump as a case study to understand why password reuse and weak passwords persist as unfixable human behaviors, even with securely salted and hashed passwords. Gain insights into how attackers aim to access organizations undetected and discover the implications for cybersecurity practices.