Time Complexity: Password policies and best practices
O(n)
0
0
Password policies and best practices in Cybersecurity - Time & Space Complexity
Understanding Time Complexity
We want to understand how the time it takes to check passwords grows as the number of users or password rules increases.
How does adding more rules or users affect the time needed to enforce password policies?
Scenario Under Consideration
Analyze the time complexity of the following password validation process.
function validatePassword(password, rules) {
for (let rule of rules) {
if (!rule.check(password)) {
return false;
}
}
return true;
}
// rules is an array of functions checking conditions like length, digits, symbols
// password is a string to validate
This code checks a password against a list of rules one by one and stops if any rule fails.
Identify Repeating Operations
- Primary operation: Looping through each password rule to check it.
- How many times: Once for each rule until a failure or all pass.
How Execution Grows With Input
As the number of rules grows, the time to check a password grows roughly the same amount.
| Input Size (number of rules) | Approx. Operations |
|---|---|
| 10 | 10 checks |
| 100 | 100 checks |
| 1000 | 1000 checks |
Pattern observation: The time grows directly with the number of rules; doubling rules doubles the checks.
Final Time Complexity
Time Complexity: O(n)
This means the time to validate a password grows in a straight line as the number of rules increases.
Common Mistake
[X] Wrong: "Adding more rules won't affect validation time much because checks are simple."
[OK] Correct: Each rule adds a check, so more rules mean more work and longer validation time.
Interview Connect
Understanding how password validation time grows helps you design secure systems that stay fast as they grow.
Self-Check
"What if we stopped checking rules as soon as one fails? How would that change the time complexity in practice?"