Used for user authentication to prove identity or access approval
For other uses, see Password (disambiguation).
"Passcode" redirects here. For the Japanese idol group, see Passcode (group).
For assistance with your Wikipedia password, see Help:Reset password.
A password, sometimes called a passcode, is secret data, typically a string of characters, usually used to confirm a user's identity. Traditionally, passwords were expected to be memorized,[1] but the large number of password-protected services that a typical individual accesses can make memorization of unique passwords for each service impractical.[2] Using the terminology of the NIST Digital Identity Guidelines,[3] the secret is held by a party called the claimant while the party verifying the identity of the claimant is called the verifier. When the claimant successfully demonstrates knowledge of the password to the verifier through an established authentication protocol,[4] the verifier is able to infer the claimant's identity.
In general, a password is an arbitrary string of characters including letters, digits, or other symbols. If the permissible characters are constrained to be numeric, the corresponding secret is sometimes called a personal identification number (PIN).
Despite its name, a password does not need to be an actual word; indeed, a non-word (in the dictionary sense) may be harder to guess, which is a desirable property of passwords. A memorized secret consisting of a sequence of words or other text separated by spaces is sometimes called a passphrase. A passphrase is similar to a password in usage, but the former is generally longer for added security.[5]
^Ranjan, Pratik; Om, Hari (6 May 2016). "An Efficient Remote User Password Authentication Scheme based on Rabin's Cryptosystem". Wireless Personal Communications. 90 (1): 217–244. doi:10.1007/s11277-016-3342-5. ISSN 0929-6212. S2CID 21912076.
^Williams, Shannon (21 October 2020). "Average person has 100 passwords - study". NordPass. Retrieved 28 April 2021.
^Grassi, Paul A.; Garcia, Michael E.; Fenton, James L. (June 2017). "NIST Special Publication 800-63-3: Digital Identity Guidelines". National Institute of Standards and Technology (NIST). doi:10.6028/NIST.SP.800-63-3. Retrieved 17 May 2019. {{cite journal}}: Cite journal requires |journal= (help)
^"authentication protocol". Computer Security Resource Center (NIST). Archived from the original on 17 May 2019. Retrieved 17 May 2019.
^"Passphrase". Computer Security Resource Center (NIST). Retrieved 17 May 2019.
A password, sometimes called a passcode, is secret data, typically a string of characters, usually used to confirm a user's identity. Traditionally, passwords...
Password strength is a measure of the effectiveness of a password against guessing or brute-force attacks. In its usual form, it estimates how many trials...
In cryptanalysis and computer security, password cracking is the process of recovering passwords from data that has been stored in or transmitted by a...
Password Plus and Super Password are American TV game shows that aired separately between 1979 and 1989. Both shows were revivals of Password, which originally...
A password manager is a computer program that allows users to store and manage their passwords for local applications or online services such as web applications...
The Password Game is a 2023 puzzle browser game developed by Neal Agarwal, where the player creates a password that follows increasingly unusual and complicated...
the most common passwords, discovered in various data breaches. Common passwords generally are not recommended on account of low password strength. NordPass...
derives one or more secret keys from a secret value such as a master key, a password, or a passphrase using a pseudorandom function (which typically uses a...
LastPass is a password manager application owned by GoTo (formerly LogMeIn Inc.). The standard version of LastPass comes with a web interface, but also...
and password) for this access to these computers across a public network in an unsecured way, poses a great risk of 3rd parties obtaining the password and...
bcrypt is a password-hashing function designed by Niels Provos and David Mazières, based on the Blowfish cipher and presented at USENIX in 1999. Besides...
A password policy is a set of rules designed to enhance computer security by encouraging users to employ strong passwords and use them properly. A password...
KeePass Password Safe is a free and open-source password manager primarily for Windows. It officially supports macOS and Linux operating systems through...
including a master password to prevent casual access to a user's passwords. Chrome developers have indicated that a master password does not provide real...
The list below includes the names of password managers with dedicated Wikipedia articles. Password manager Password fatigue Comparison of TOTP applications...
The Password Hashing Competition was an open competition announced in 2013 to select one or more password hash functions that can be recognized as a recommended...
Password Safe is a free and open-source password manager program originally written for Microsoft Windows but supporting a wide array of operating systems...
cracking password hashes. Passwords are typically stored not in plain text form, but as hash values. If such a database of hashed passwords falls into...
blanking local passwords used by Windows NT operating systems on Linux. It does this by editing the SAM database where Windows stores password hashes. There...
from their password, rather than the whole password, partial passwords help to protect the user from password theft. As only part of the password is revealed...
image with any forms that request a password. Users of the bank's online services are instructed to enter a password only when they see the image they selected...
Where a device needs a username and/or password to log in, a default password is usually provided to access the device during its initial setup, or after...
her password as proof of identity, which Alice dutifully provides (possibly after some transformation like hashing, or even salting, the password); meanwhile...