Send message to

Do you want to send the message without a subject?
Please note that your message can be maximum 1000 characters long
Special characters '<', '>' are not allowed in subject and message
reCaptcha is invalid.
reCaptcha failed because of a problem with the server.

Your message has been sent

You can find the message in your personal profile at "My messages".

An error occured

Please try again.

Make an appointment with

So that you can make an appointment, the calendar will open in a new tab on the personal profile of your contact person.

Create an onsite appointment with

So that you can make an onsite appointment, the appointment request will open in a new tab.

Make onsite appointment
Header of heylogin GmbH
Forums it-sa Expo Knowledge Forum D

Password Manager Breaches: Why 2FA is Useless Here

Dr. Dominik Schürmann explains why 2FA is useless if the infrastructure of traditional password managers is breached.

Buy trade fair ticket

You can register for this action soon.

You can register for the digital action soon.

Please come back at the scheduled date and time.

The action is currently live. Please scroll down to watch.

This action is only available onsite: Forums it-sa Expo

Save and remember action
close

This content or feature is available to the it-sa 365 community. 
Please register or log in with your login data.

Add action to bookmarks and download as iCal

Join now

Note: If you continue, the contact data you provided during registration may be transmitted to the respective provider in accordance with our General Terms and Conditions.

This action has already taken place. This action will soon be available as a video.

This action has already taken place. Please scroll down to watch the video.

This action has already taken place. It's not available any more.

You are in!

Your ticket / access to the action was sent to you by email.

There is a problem with the action at the moment. Please come back later or contact support.

calendar_today Wed, 23.10.2024, 14:45 - 15:00

event_available On site

place Hall 7A, Booth 7A-106

Action description

south_east

Speaker

south_east

Themes

Identity and access management

Key Facts

  • Encryption architecture of popular password managers
  • The limitations of 2FA after encrypted vaults are stolen
  • 2-factor secure encryption architecture as our solution

Organizer

Event

This action is part of the event Forums it-sa Expo

Action description

Dr. Dominik Schürmann, holding a PhD in IT security with over 15 scientific publications, will deliver a talk titled "Password Manager Breaches: Why 2FA is Useless Here." With extensive experience in both research and practical application development, Dr. Schürmann founded heylogin GmbH in 2018, the first password manager with full hardware-based end-to-end encryption, developed and hosted in Germany.

The talk addresses a significant security issue highlighted by the December 2022 breach, where attackers captured encrypted vaults of LastPass. This breach revealed that the master password was the only barrier between attackers and the encrypted data, rendering any configured 2FA methods ineffective. Dr. Schürmann will explain why 2FA is useless in such scenarios.

He will explore the encryption architecture used by popular password managers like LastPass, 1Password, Dashlane, and Bitwarden, focusing on how these methods are intended to protect user data and their limitations. The talk will emphasize the critical interplay between encryption and 2FA, showing why 2FA fails to protect data once encrypted vaults have been stolen.

Dr. Schürmann will introduce an innovative approach to password manager architecture that eliminates the reliance on a master password, using advanced hardware-based end-to-end encryption. This new model is 2-factor secure even if attackers capture the encrypted vaults. ... read more

Language: English

Questions and Answers: No

Speaker

show more

You might also be interested in

Header of cirosec GmbH
10/21/2024| 12:30 PM - 06:00 PM
Trends in IT Security

The event will take a look at the current situation in IT security from a technical and strategic...
Action of qSkills
10/22/2024| 05:00 AM - 05:30 PM
Digital trust and European regulation

Digital trust is now a central element of business strategy and ensures security, resilience and ...
it-sa 365 Key Visual
10/22/2024| 10:00 AM - 10:15 AM
Cybercrime & cyberwar: protective measures and strategies against digital threats

Companies are increasingly becoming victims of ransomware attacks. There is a risk of financial l...
Header of IT-Power Services Deutschland GmbH
10/22/2024| 10:15 AM - 10:30 AM
Why IT security should not end in the network area...

The IT infrastructure is the heart of your business processes and must be considered in the overa...
Header of Vectra AI
10/22/2024| 10:15 AM - 10:30 AM
K.I.S.S. - A pragmatic security strategy using the example of a SOC

Using the SOC example, we show how the Pareto principle and zero-based budgeting promote a pragma...
close

This content or feature is available to the it-sa 365 community. 
Please register or log in with your login data.