Password strength is a measure of the effectiveness of a password in resisting guessing and brute-force attacks. In its usual form, it estimates how many trials an attacker who does not have direct access to the password would need, on average, to guess it correctly. The strength of a password is a function of length, complexity, and unpredictability.
Using strong passwords lowers overall risk of a security breach, but strong passwords do not replace the need for other effective security controls. The effectiveness of a password of a given strength is strongly determined by the design and implementation of the authentication system software, particularly how frequently password guesses can be tested by an attacker and how securely information on user passwords is stored and transmitted. Risks are also posed by several means of breaching computer security which are unrelated to password strength. Such means include wiretapping, phishing, keystroke logging, social engineering, dumpster diving, side-channel attacks, and software vulnerabilities.
Read more about Password Strength: Determining Password Strength, Password Guess Validation, Bit Strength Threshold, Password Policy, Password Managers, See Also
Famous quotes containing the word strength:
“Today, supremely, it behooves us to remember that a nation shall be saved by the power that sleeps in its own bosom; or by none; shall be renewed in hope, in confidence, in strength by waters welling up from its own sweet, perennial springs. Not from above; not by patronage of its aristocrats. The flower does not bear the root, but the root the flower.”
—Woodrow Wilson (1856–1924)