Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only! Grab it Explore the complexities of password security in this 32-minute conference talk from BSidesLV 2017. Delve into the limitations of traditional password strength metrics, examining why entropy calculations and brute-force resistance alone are insufficient. Investigate the impact of password rotation policies, the fallacy of relying solely on length, and the importance of considering human behavior in password creation. Learn about alternative approaches to measuring password strength, including the diceware method, and gain insights into creating more effective security policies. Discover why common practices like using usernames as passwords pose significant risks, and understand how to better educate users on secure password practices.