Passwords

A password is a sequence of characters which is a shared secret between the user and system. Passwords are usually stored on the system in a user-inaccessible location, or are stored in an encrypted form. Password present a variety of risks:

• passwords can be guessed, shared, written down, or forgotten;
• passwords can be stolen by observation;
• passwords tend not to be changed very often, and if they are, are more readily forgotten;
• passwords in plaintext are passed over the network, or are stored in publicly readable locations on the system.
• encrypted passwords are often publicly readable, making them susceptible to cryptographic analysis.
• short passwords can be found via brute-force methods