Abstract
* Users allowed to choose reusable passwords -> Weak passwords are often chosen.
* A password is weak if it is
1. easy to guess,
2. simple to derive, or
3. likely to be found in a dictionary attack.
* (attempted) solution: keep dictionary, try to look up newly chosen passwords.
* Problem: the size of the dictionary makes storing it possibly searching it
unattractive.
*(New) solution: use a Bloom filter for reduced storage consumption and constant
look-up time.
