Site security:

Please note: There will be 2 instances of PasswordsCon in 2023: In Bergen, Norway, on May 15-16 & 18, and then as a separate track at BSides Las Vegas on August 8-9. There will be live streams & recordings made available online after the conferences.

For the conference in Bergen we do it as we’ve always done it in Europe: academic approach, friendly & laidback atmosphere, single room & single track conference, with plenty of time to get to know people & discuss.

Also we would like to let academic researchers know that we are open for presentations of papers that have already been presented in the academic world, perhaps with updates or more relevant info. Read our CFP text below for more info.

Bergen, Norway, May 15-16 & 18

Normal conference, streamed & recorded, on May 15 & 16.
May 17 is our constitution day, and the city of Bergen is the very best place in Norway to experience it! Bring your suit, shirt & tie, and get ready to experience an amazing day in our city center, from early morning into the late evening!
May 18 will be “by invitation only”, with no streaming or recording of talks, unless each speaker specifically requests it. No press allowed. Our focus will be offensive & forensics, new attacks, tools & methodologies for fighting the evil side of the world. You must bring and show a valid passport to attend this session!

Conference location: Nøstegaten 58, Bergen, Norway
Hotels nearby: Google maps search (or contact me for recommendations!)
Airport: Bergen Airport Flesland (BGO)
Submission deadlines: ASAP please, and no later than Sunday, February 26 Sunday, March 12, by (your) midnight 23:59:59.
Talk lengths: 20-25 minutes or 40-45 minutes, your choice. Please also specify if your talk is for the open (May 15-16) or closed part (May 18) of the conference.
Q&A: Yes. Participants attending physically get to ask questions & talk to speakers obviously.
How to submit: Send your proposal by mail to cfp AT passwordscon DOT org

What we want in your submission:
Full name (+ secret superhero handle, if you have one)
Title, affiliation (if you want)
Social media links to yourself, such as Linkedin, Mastodon, “the birdsite”? (if you want)
Talk title + short abstract (+ long abstract if you really want to explain your talk in the abstract)
Expected length (20-25 or 40-45 minutes)
Profile picture of your self. Not mandatory, use an avatar if you like. It’s just nice to have some pictures.

All talks will be made available online for free on YouTube and/or other channels, unless something else has been agreed directly with the organizer(s). PasswordsCon is not an end user conference. Speakers can assume that participants has a good knowledge of the topics discussed, so no need to explain what hashing or encryption is.

What are we looking for?

Since the very beginning in 2010, we’ve seen time and again that people are surprised by the width & depth of talks that appears at PasswordsCon. From heavy cryptography to psychology, pattern recognition to linguistics, pin codes to lock patterns, email security to credential stuffing, traditional to behavioral biometrics, SMS 2FA to FIDO2/WebAuthn; we’ve had a very wide variety of talks that are all relevant for PasswordsCon. If it can be related to digital authentication in any way, we want to hear from you.

Got a great idea, but not completely sure how to describe it? Send us a short note, we’ll provide feedback ASAP whether it sounds interesting or not for PasswordsCon. You can also check out our archives, & online videos on YouTube.

What do we not want?

We are not interested in marketing pitches, paid keynotes or sales/marketing staff that are not deeply knowledgeable about the contents of their presentation. Whoever wants to talk, please, do not ask or let your PR department submit a talk on your behalf. There are other conferences for that.

For presentations from the academic community, we prefer the person(s) doing the actual work to present it.