Password Strength and Policies
Understand what makes a password strong and how password policies reduce risk.
Why Passwords Still Matter
Despite the rise of MFA and passwordless authentication, passwords remain the most common authentication factor. A weak password is the most common point of initial access in breaches.
What Makes a Password Strong?
Strong passwords have:
- Length — 16+ characters significantly increases entropy
- Complexity — mix of uppercase, lowercase, numbers, symbols
- Unpredictability — no dictionary words, keyboard patterns, or personal info
- Uniqueness — different password for every account
All lessons in this course
- Password Strength and Policies
- Password Hashing: bcrypt, Argon2, PBKDF2
- Multi-Factor Authentication
- Credential Stuffing and Password Spraying