The Open Web Application Security Project (OWASP) Los Angeles Chapter is teaming up with the Orange County, San Diego, SF Bay Area, and the Inland Empire chapters to bring you the FIFTH Annual AppSec California. The event is a one of a kind experience for information security professionals, developers, and QA and testing professionals, as they gather at the beach from around the world to learn and share knowledge and experiences about secure systems and secure development methodologies.

One and Two-day training sessions on various subjects by expert trainers kick off the conference on January 28th. World renown speakers follow on days three and four.

There will be four concurrent tracks throughout the day on both January 30 and 31, addressing a variety of topics to enhance knowledge.

Back To Schedule
Wednesday, January 31 • 11:30am - 12:20pm
Security After Death -- Not your problem, or is it?

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Abstract :
The talk covers practical solutions to storing passwords and secure ways to share those passwords. The solutions range from commercial to open source and even some roll your own.

It will also cover solutions that answer the question; “How do I allow others to access all my password after I am unavailable, incapacitated or dead?”

I will review the current state of password key rings, password managers and vault systems available in commercial and open source forms. I will also talk about why you should be using password managers in your personal life and at your businesses to help manage the security of your passwords, share passwords safely, and how to recover from the unexpected.
Finally I will cover Shamir’s Secret Sharing https://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing (SSS) as a solution that can be used to safely share passwords, following a dual control rule, where one shared part cannot be used to recover the password but can be used by t of n trusted persons to recover the password(s) and use SSS to access encrypted data.

avatar for Ty Shipman

Ty Shipman

Ty Shipman has 30+ years in the computer industry. He started writing games in the 1980’s and now focuses on security and compliance. He co-founded Kagi, an online store that ran for 20+ years. Mostly recently he was the V.P. of Security and Compliance at LoopPay; which was acquired... Read More →

Wednesday January 31, 2018 11:30am - 12:20pm PST
Garden Terrace Room