<!doctype html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
<title>reveal.js</title>
<link rel="stylesheet" href="../reveal.js-4.3.1/dist/reset.css">
<link rel="stylesheet" href="../reveal.js-4.3.1/dist/reveal.css">
<link rel="stylesheet" href="../reveal.js-4.3.1/dist/theme/serif.css">
<!-- Theme used for syntax highlighted code -->
<link rel="stylesheet" href="../reveal.js-4.3.1/plugin/highlight/monokai.css">
</head>
<body>
<div class="reveal">
<div class="slides">
<!-- begin slides -->
<section>
<h3>Schlüsselbrett</h3>
<img class="stretch plain" src="res/keys.jpg" />
<h4>Passwortsicherheit und Passwortmanager</h4>
<small>
<p>CC-BY-SA 2022-08 Helix/RaumZeitLabor</p>
<p>Dauer: ca. 20 min</p>
</small>
</section>
<section>
<section>
<h3>Was definiert ein sicheres Passwort?</h3>
<ul class="fragment">
<li>Passwortlänge</li>
<li class="fragment">Komplexität / Erratbarkeit</li>
<li class="fragment">Merkbarkeit / Übertragbarkeit</li>
<li class="fragment">Einzigartigkeit.</li>
</ul>
</section>
</section>
<section>
<h4>Je länger, desto besser</h4>
<div class="fragment">
<p>aber:</p>
<small><p>passwort passwort passwort passwort passwort passwort</p></small>
</div>
</section>
<section>
<h4>Komplexität / Erratbarkeit</h4>
<p class="fragment">Leicht zu erratende Passwörter:</p>
<ul class="fragment">
<li>Passwortlisten, Namen, Wörterbücher</li>
<li class="fragment">Sequenzen <i>(abcde, 13579)</i></li>
<li class="fragment">Wiederholungen <i>(aaa, 111, 131313)</i></li>
<li class="fragment">Transformationen <i>(1337$peak)</i></li>
<li class="fragment">Tastatur <i>(qwertz, iuhbv, xvlcw)</i></li>
<li class="fragment">Jahreszahlen und Kalenderdaten</li>
</ul>
</section>
<section>
<section>
<h4>Merkbarkeit / Übertragbarkeit</h4>
</section>
<section>
<h4>korrekt pferd batterie stapel</h4>
</section>
<section data-transition="fade-in">
<img class="plain" src="res/password_strength-1.png" />
</section>
<section data-transition="fade-in">
<img class="plain" src="res/password_strength-2.png" />
</section>
<section data-transition="fade-in">
<img class="plain" src="res/password_strength-3.png" />
</section>
<section data-transition="fade-in">
<img class="plain" src="res/password_strength-4.png" />
</section>
<section data-transition="fade-in">
<img class="plain" src="res/password_strength-5.png" />
</section>
<section data-transition="fade-in">
<img class="plain" src="res/password_strength-6.png" />
</section>
<section data-transition="fade-in">
<img class="plain" src="res/password_strength-7.png" />
</section>
</section>
<section>
<h4>Einzigartigkeit</h4>
<h3>Jedes Passwort nur ein Mal benutzen!</h3>
</section>
<section>
<section>
<h3>Passwortmanager</h3>
</section>
<section>
<h4><img class="plain" style="height:1em;margin:0 0 -.15em 0" src="res/keepassxc-logo.png" /> KeePassXC</h4>
<ul class="fragment">
<li>Frei und Open Source</li>
<li class="fragment">für Windows, GNU/Linux, macOS</li>
<li class="fragment">Download auf <a target="_blank" href="https://keepassxc.org">keepassxc.org</a></li>
</ul>
</section>
<section>
<h4>Screenshot von KeePassXC</h4>
<img class="stretch plain" src="res/keepassxc-screenshot.png" />
</section>
<section>
<h4>Wie funktioniert ein Passwortmanager?</h4>
<ul class="fragment">
<li>Datenbank aller Passwörter</li>
<li class="fragment">Verschlüsselt</li>
<li class="fragment">Geschützt mit: Masterpasswort, Keyfile, <abbr title="Timed One Time Password">TOTP</abbr></li>
</ul>
</section>
</section>
<section>
<section>
<h3>Tipps zum Umgang mit Passwörtern und Passwort-Datenbanken</h3>
</section>
<section>
<h4>Passwörter</h4>
<ul class="fragment">
<li>ausreichend lang</li>
<li class="fragment">schwer erratbar (von Mensch <i>und</i> Maschine)</li>
<li class="fragment">leicht übertragbar <small>wenn es sein muss</small></li>
<li class="fragment">nicht mehrfach verwenden!</li>
</ul>
</section>
<section>
<h4>Einmalpasswörter</h4>
<ul class="fragment">
<li>mit Google Authenticator oder FreeOTP generieren</li>
<li class="fragment">sichern (Seeds)</li>
<li class="fragment">das Gerät nicht verlieren</li>
</ul>
</section>
</section>
<section><!-- sources -->
<h4>Quellen</h4>
<small>
<ul>
<li>Titelbild: <a target="_blank" href="https://www.flickr.com/photos/ke-dickinson/7159943526">keys – ke-dickinson @ flickr</a></li>
<li><a target="_blank" href="https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/wheeler">zxcvbn: Low-Budget Password Strength Estimation</a></li>
<li><a target="_blank" href="https://xkcd.com/936/">XKCD-Comic "Password Strength"</a></li>
<li><a target="_blank" href="https://diogomonica.com/2014/10/11/password-security-why-the-horse-battery-staple-is-not-correct/">Why the horse battery staple is not correct</a></li>
</ul>
</small>
<hr />
<h3>Danke für's Zuhören!</h3>
</section><!-- /sources -->
<!-- end slides -->
</div>
</div>
<script src="../reveal.js-4.3.1/dist/reveal.js"></script>
<script src="../reveal.js-4.3.1/plugin/notes/notes.js"></script>
<script src="../reveal.js-4.3.1/plugin/markdown/markdown.js"></script>
<script src="../reveal.js-4.3.1/plugin/highlight/highlight.js"></script>
<script>
// More info about initialization & config:
// - https://revealjs.com/initialization/
// - https://revealjs.com/config/
Reveal.initialize({
hash: true,
// Learn about plugins: https://revealjs.com/plugins/
plugins: [ RevealMarkdown, RevealHighlight, RevealNotes ]
});
</script>
</body>
</html>