Interview with Per Thorsheim, PasswordsCon Founder and Organizer, speaker at the Honeynet Workshop 2015
Per Thorsheim is the founder & main organizer of Passwordscon, the worlds first and only conference about passwords and digital authentication. After pwning a Fortune 500 in a day because of a lazy sysadmin using “Password” as his password 16 years ago, Per has been researching the security and usability of the one security technology that pretty much everyone uses every single day.
1) What was your motivation to enter the Information Security field, and who inspired and helped you along the way?
I read about the Chaos Computer Club somewhere in the 80’s when playing around with a C64 and Amiga 1000, but running SATAN on an SGI system in 94-95 really sparked the professional interest.
2) How do keep yourself motivated in this line of work and how do you handle the competition & failures?
Every single user I can turn into understanding the need for security and its applicability to their work is a win for me, and is more than motivation enough. As my primary interests are in passwords, digital authentication and the intersection of technology, usability and legal issues, competition is less fierce than in other areas. In other words, I can handle it. 🙂
3) Why is the Global Honeynet Project important and why should people support this cause?
The Honeynet project enables learning of how attackers work, and aid in the discovery, prevention and handling of digital attacks in many shapes and sizes. Over the years the project have made significant contributions to our understanding of many challenges we are facing on a daily basis.
4) What is your talk about and why should people join the event?
I’m talking about the intersection of technology and people, were both needs to play along in order to detect, prevent and eventually handle security incidents. I will emphasize the use of location awareness applied to users, in order to strengthen our chances of achieving our goals.
5) What Security issues are being exploited and how to counter them?
Passwords and user credentials, obviously. That’s why I’ve been researching this for 15+ years now!
6) How does your talk impact today’s security scenario?
I try to look into the not-so-distant future, where crime becomes even more global and cross-border challenges. That, coupled with near- and offshoring and its associated challenges are important.
7) What are the gaps in today’s security methods?
Cross-border legal issues are by far a major issue that needs to be improved.
8) What are your suggestions for upcoming professionals?
Don’t just listen to what others have to say. Discover your own way, and never make any assumptions, try to confirm what you believe yourself.
