Password strength is a measure of the effectiveness of a password in resisting guessing and brute-force attacks. In its usual form, it estimates how many trials an attacker who does not have direct access to the password would need, on average, to guess it correctly. The strength of a password is a function of length, complexity, and unpredictability.
Using strong passwords lowers overall risk of a security breach, but strong passwords do not replace the need for other effective security controls. The effectiveness of a password of a given strength is strongly determined by the design and implementation of the authentication system software, particularly how frequently password guesses can be tested by an attacker and how securely information on user passwords is stored and transmitted. Risks are also posed by several means of breaching computer security which are unrelated to password strength. Such means include wiretapping, phishing, keystroke logging, social engineering, dumpster diving, side-channel attacks, and software vulnerabilities.
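As an added illustration (not part of the original page), the sketch below turns the two ideas above into numbers: an upper bound on strength from length and character set, and the average time to guess at two different guess rates. The guess rates, the tiny common-password list and all function names are assumptions constructed for this example.

```python
import math
import string

# Constructed guess rates (assumptions, not measurements): a throttled online
# login endpoint versus offline guessing against a leaked fast, unsalted hash.
RATES = {"online_throttled": 10 / 60, "offline_fast_hash": 1e10}

# Tiny constructed stand-in for a real common-password list.
COMMON = {"password", "123456", "qwerty", "letmein", "password1"}

CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def alphabet_size(pw: str) -> int:
    """Size of the smallest union of character classes that covers pw."""
    size = sum(len(c) for c in CLASSES if any(ch in c for ch in pw))
    # Characters outside the four ASCII classes: count each distinct one.
    extra = {ch for ch in pw if not any(ch in c for c in CLASSES)}
    return size + len(extra)


def entropy_bits(pw: str) -> float:
    """Upper bound on strength: log2(alphabet ** length).

    Only valid if every character was chosen uniformly at random; a
    human-chosen password is weaker than this number suggests.
    """
    if pw.lower() in COMMON:
        # Predictable: an attacker tries the list first, so the search
        # space is the list, not alphabet ** length.
        return math.log2(len(COMMON))
    return len(pw) * math.log2(alphabet_size(pw))


def average_seconds(pw: str, guesses_per_second: float) -> float:
    """Expected time to guess: half the search space divided by the rate."""
    return 2 ** (entropy_bits(pw) - 1) / guesses_per_second


if __name__ == "__main__":
    for pw in ("password1", "kq7vzm2x", "kq7vzm2xT!r9wLp4"):
        bits = entropy_bits(pw)
        times = {k: average_seconds(pw, r) for k, r in RATES.items()}
        print(f"{pw!r}: {bits:.1f} bits, " +
              ", ".join(f"{k}={t:.3g}s" for k, t in times.items()))
```

The same 8-character password that would take far longer than a lifetime to guess through the throttled login falls in minutes at the offline rate, which is why guess throttling and slow, salted password storage matter as much as the password itself.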