Blue Team
Passwords are Forever: We've been waiting more than 20 years for a future that simply does not exist. There has been a persistent mentality for many years now that "passwordless authentication" is right around the corner. It's happening any day now, trust me. You'll experience utopia as soon as this new product, standard, or idea goes mainstream. It's 2025 and I am sad to say that I think I've identified an alarming pattern: I have more passwords in my vault than I had in 2024... which was more than 2023... which was more than 2022... and I bet you do too. Let's talk about this. In my talk I want to start from the beginning to better understand the present. We will cover the following topics: - The evolution of ciphertext. - How tokens were supposed to limit the password explosion blast radius. - Why SaaS sprawl has only made the problem worse. - Password managers haven't solved the underlying issues. - My ideas for modern solutions to ancient problems.
Over the course of his 25-year career in information technology, LeeTschetter has transitioned from implementing technology solutions todelivering security products. In the past decade his focus has shiftedto identity and access management, a decision informed by hisfirsthand experience in identifying the root causes of numerous IT andsecurity failures. He believes in giving back to the securitycommunity and participates in various organizations, including theTwin Cities Identity and Access Management User Group, the IdentityDefined Security Alliance, and has previously served as a board memberfor the Minnesota chapter of the Information Systems SecurityAssociation.
We proudly present SecretCon, an entirely unparalleled conference for the state of Minnesota, built for our new digital reality. This conference is dedicated to the many specialties of our hacker, cybersecurity, and privacy community. We have taken it upon ourselves to construct a conference that not only embraces our past, but also looks to the future. Join us!