Security glossary.
Precise definitions of password security and compliance terms. Written for security teams, compliance officers, and developers — not marketing.
Entropy (Password)
Password entropy is a mathematical measure of unpredictability, expressed in bits. Higher entropy means a credential is harder to guess or crack by brute force.
Authentication Policy
An authentication policy is a documented set of rules governing how credentials are created, stored, rotated, and revoked within an organisation. It is required evidence for HIPAA, PCI-DSS, SOC 2, and ISO 27001 audits.
Credential Security
Credential security is the practice of protecting authentication secrets — passwords, tokens, API keys — throughout their lifecycle: from secure generation to compliant storage, rotation, and revocation.
Password Compliance
Password compliance means that your credential management practices meet the documented requirements of a specific security or regulatory framework — and that you can prove it to an auditor.
Audit Trail (Credential)
A credential audit trail is the documented record of all actions taken on authentication secrets — creation, access, modification, rotation, and revocation — required by HIPAA, PCI-DSS, SOC 2, and ISO 27001 as evidence of controlled access management.