Password Selection Strategies

• Reactive password checking:

  • The system periodically runs its own password cracker to find guessable passwords.
  • The system cancels passwords that are guessed and notifies user.
  • Consumes resources.
  • Hackers can use this on their own machine with a copy of the password file. Can they get the password file?

• Proactive password checking:

  • The system checks at the time of selection if the password is allowable.
  • With guidance from the system, users can select memorable passwords that are difficult to guess.

Previous slide

Next slide

Back to first slide

View graphic version