Password Security Workshop: Smarter Policies. Safer Systems. Hands-on Hacking.
The Kentucky ISSA Chapter, in partnership with Ellipsis Information Security LLC, is excited to present an immersive, hands-on information security workshop focused on Password Security. This day-long event offers a unique opportunity to learn directly from a globally recognized application security expert, who brings over a decade of experience teaching professionals of all skill levels.
Why Attend?
Comprehensive Coverage: Whether you’re a beginner or an advanced practitioner, you’ll gain valuable insights through interactive lectures, real-world demonstrations, and hands-on exercises.
Practical Skills: Take part in exercises designed to replicate real-world security challenges, allowing you to apply what you learn immediately. Bring your laptop to get the most out of these hands-on activities.
Unbeatable Value: Don’t let the price fool you—thanks to the ISSA Kentuckiana chapter, this enterprise-quality training is available at a deeply discounted rate.
CPE Credits
Seats are Limited!
Due to high demand, space is limited, and this workshop is expected to sell out quickly.
Reserve your spot today and take the first step towards mastering API security.
Topics Covered
Password policy myths: What weakens security & what works
Why complexity and rotation backfire (with real stats)
Password patterns: the silent killer of security
Blocklists and breach data for smarter filtering
Best practices for password resets, first login, and MFA setup
Live cracking lab: John the Ripper and Byepass
Self-correcting lockouts and MFA requirements in real systems
Long passwords vs complex ones: why one is a million times better
Hands-On Labs
Attendees will crack sample password hashes using JtR, Hashcat (optional), and Byepass
All required software and datasets are preinstalled in a Kali Linux VM
You’ll receive a download link for the OVA file at registration
Import into VirtualBox at least 48 hours prior to the event to be ready
Where:
12501 Lakefront Place Louisville, KY 40299
(Farm Credit Mid-America Building - Schoolhouse East (132); Schoolhouse West (130))
When:
Saturday, August 9th, 2025
8:30 AM - 4:00 PM
Cost:
Normally $500.00
Special ISSA Kentuckiana Subsidized Price $150.00
ISSA Kentuckiana Chapter Members $50! ($100 off w/ use of member discount code!)
Info on ISSA Kentuckiana Chapter membership benefits available here: https://www.issa-kentuckiana.org/membership
Costs are subsidized by the ISSA Kentuckiana Chapter to make high quality training available for everyone!
Refunds not available for this event.
CPEs
Attendees will receive 6 CPE Credits for this event
Who:
Jeremy Druin
Certified Security Penetration Tester & Cloud Security Architect
Google PCSE|OSCP|GPCS|GCLD|GXPN-GOLD|GPEN-GOLD|GWAPT-GOLD|GCIH-GOLD|GMOB|GSEC|GISF|Sec+
Jeremy is the Distinguished Cybersecurity Architect for the largest multi-national transportation logistics company in the world. Jeremy is also the owner of Ellipsis Information Security and teaches courses for Ellipsis and SANS Institute. As a Director of Education for the Kentucky ISSA chapter, Jeremy presents on application security, penetration testing and defense along with operating the "webpwnized" YouTube video channel. Additionally, Jeremy develops the open-source OWASP Mutillidae II training environment. Jeremy has a Bachelor of Science in Computer Science from Indiana University, a Graduate Certificate in Cybersecurity and Master of Computer Science and Engineering from the University of Louisville and is a GIAC-certified Web, API, Mobile and Network Security Penetration Tester, and Cloud Security Architect.