Editing Key (cryptography) (section)

== Key vs password ==

A password is a memorized series of characters including letters, digits, and other special symbols that are used to verify identity. It is often produced by a human user or a password management software to protect personal and sensitive information or generate cryptographic keys. Passwords are often created to be memorized by users and may contain non-random information such as dictionary words.<ref name=NIST/> On the other hand, a key can help strengthen password protection by implementing a cryptographic algorithm which is difficult to guess or replace the password altogether. A key is generated based on random or pseudo-random data and can often be unreadable to humans.<ref>{{Cite web|last=Khillar|first=Sagar|title=Difference Between Encryption and Password Protection {{!}} Difference Between|date=29 April 2020 |url=http://www.differencebetween.net/technology/difference-between-encryption-and-password-protection/|access-date=2021-04-02|language=en-US}}</ref>

A password is less safe than a cryptographic key due to its low entropy, randomness, and human-readable properties. However, the password may be the only secret data that is accessible to the cryptographic algorithm for [[information security]] in some applications such as securing information in storage devices. Thus, a deterministic algorithm called a [[key derivation function]] (KDF) uses a password to generate the secure cryptographic keying material to compensate for the password's weakness. Various methods such as adding a [[Salt (cryptography)|salt]] or key stretching may be used in the generation.<ref name=NIST/>