A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


Chris Murrey "f8lerror" & Jake Garlie "jagar": Easy Passwords = Easy Break-Ins Derbycon 2012 (Hacking Illustrated Series InfoSec Tutorial Videos)

Chris Murrey "f8lerror" & Jake Garlie "jagar": Easy Passwords = Easy Break-Ins
Derbycon 2012 Stable Talk

It is no secret that people tend to be lazy. There is no better demonstration of this fact than people’s password selection. This presentation will discuss trends and common unique passwords that have been identified from analyzing tens of thousands of accounts and passwords in use in today’s corporate environments. This is not password analysis of the lame public breaches of some unheard of websites. The passwords were obtained by real penetration assessments and the passwords are what corporate users believe are secure passwords. This will highlight the different types of passwords users choose when faced with varying complexity requirements. Chris Murrey and Jake Garlie put this knowledge to use in every penetration test and have had phenomenal success in breaking in to a wide variety of organizations.

As a Penetration Tester, Chris Murrey is passionate about the role he plays in ethical hacking. Mr. Murrey performs technical security assessments on a weekly basis, specifically Web Application Security Assessments and Internal/External Penetration Tests. As a Penetration Tester on SecureState’s Profiling Team, Jake Garlie performs many assessments including Penetration Tests, Web Application Security Assessments, and Wireless Assessments. In his tenure with SecureState, Mr. Garlie has worked with organizations across a variety of industries, providing him with the expertise and knowledge of the different ways each industry secures their data.

Big thanks to Damian Profancik for recording these.

Back to Derbycon 2012 video list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast