A-Z Popular Blog Security Search »
Information Security
Related Guides

What is the Password Paradox?

 , updated on
The password paradox is when an organization's requirements for a strong password leads users to poor security practices such as writing passwords down or reusing passwords. The following are common examples.

Complex Passwords

A password policy that requires long, complex passwords including things such as upper case, lower case, special characters and numbers makes it more likely that users will write passwords down or forget them and need to call customer support. This isn't necessarily bad, as writing a password in one physically secure place may be safer than using a weak password. A trusted password management tool that stores passwords in a strong encrypted format is perhaps helpful.

Password Change Policy

In the past, it was common for systems to require users to change passwords frequently. As this interrupts the flow of a user's task they are more likely to choose a weak password as they are motivated to continue.
Overview: Password Paradox
When a password policy intended to strengthen security ends up encouraging users to write passwords down, reuse passwords or choose weak passwords.
Related Concepts

Information Security

This is the complete list of articles we have written about information security.
Audit Trail
Canary Trap
Confidential Information
Critical Infrastructure
Cryptographic Keys
Cryptographic Salt
Cybersecurity Risk
Data Breach
Data Remanence
Data Room
Data Security
Deep Magic
Defense In Depth
Digital Identity
Failure Of Imagination
Incident Response
IoT Security
Key Stretching
Network Security
Operations Security
Overlay Network
Password Entropy
Password Fatigue
Proof Of Work
Secure Code Review
Security As A Service
Security Controls
More ...
If you enjoyed this page, please consider bookmarking Simplicable.

Security vs Privacy

The relationship between security and privacy.


An overview of technology hardening.

Deep Magic

An overview of deep magic, a technology term.

Defense In Depth

An overview of defense In depth.

Encryption Examples

A definition of encryption with examples.

Canary Trap

A definition of canary trap with an example.


A definition of honeypot with examples.

Security Through Obscurity

A definition of security through obscurity with an example.


A definition of token with examples.


A definition of backdoor with examples.

Privacy By Design

An overview of privacy by design.

Expectation Of Privacy

The definition of expectation of privacy.

Personally Identifiable Information

An overview of personally identifiable information.

Delete vs Wipe

The difference between deleting data and wiping it.

Data Risks

A definition of data risk with examples.

Personal Information

A definition of personal information with examples.

Data Subject

A definition of data subject with examples.

Machine Readable

The definition of machine readable with examples.


The definition of delete with examples.

Privacy Examples

The definition of privacy with examples.
The most popular articles on Simplicable in the past day.

New Articles

Recent posts or updates on Simplicable.
Site Map