Partial password

A partial password is a mode of password authentication intended to make keystroke logging and shoulder surfing less effective.

A paper by David Aspinall and Mike Just describes partial password implementations and attacks in a detailed study.[1]

Tested with 110,000 simulations using passwords longer than 8 characters, Junade Ali has noted:[3]

It is considered good practice to not store passwords in plaintext.

Some have suggested storing the digest of each combination of letters that could be requested, but they note that this results in generating and storing a large number of digests.[5][6]

A better solution in terms of storage space and security is using a secret sharing scheme.
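The storage trade-off above, as an added example that is not taken from the cited papers or from any deployed system: one possible construction based on Shamir secret sharing, set beside the digest count of the per-combination approach. The prime `P`, the policy `K = 3`, the PBKDF2 masking step and all function names are assumptions made for illustration.

```python
import hashlib, hmac, secrets
from math import comb

P = 2**127 - 1   # prime modulus for the share field (assumed parameter)
K = 3            # characters requested per login (assumed policy)

def digests_needed(n: int, k: int = K) -> int:
    """Digests to store if every k-position subset is hashed separately."""
    return comb(n, k)

def _mask(salt: bytes, pos: int, ch: str) -> int:
    # Salted, per-position derivation mapping one character to a field element.
    d = hashlib.pbkdf2_hmac("sha256", ch.encode(), salt + pos.to_bytes(2, "big"), 10_000)
    return int.from_bytes(d, "big") % P

def _digest(salt: bytes, secret: int) -> bytes:
    return hashlib.sha256(salt + secret.to_bytes(16, "big")).digest()

def enroll(password: str) -> dict:
    if len(password) < K:
        raise ValueError("password shorter than the number of requested characters")
    salt = secrets.token_bytes(16)
    coeffs = [secrets.randbelow(P) for _ in range(K)]   # coeffs[0] is the secret
    share = lambda x: sum(c * pow(x, j, P) for j, c in enumerate(coeffs)) % P
    # Store share minus character mask: one value per position, no plaintext.
    offsets = [(share(i + 1) - _mask(salt, i, ch)) % P for i, ch in enumerate(password)]
    return {"salt": salt, "offsets": offsets, "check": _digest(salt, coeffs[0])}

def verify(record: dict, answers: dict) -> bool:
    """answers maps zero-based position -> character typed by the user."""
    n = len(record["offsets"])
    if len(answers) != K or any(not 0 <= i < n for i in answers):
        return False
    pts = [(i + 1, (record["offsets"][i] + _mask(record["salt"], i, ch)) % P)
           for i, ch in answers.items()]
    secret = 0
    for xi, yi in pts:                       # Lagrange interpolation at x = 0
        num = den = 1
        for xj, _ in pts:
            if xj != xi:
                num = num * -xj % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return hmac.compare_digest(_digest(record["salt"], secret), record["check"])

if __name__ == "__main__":
    rec = enroll("correct-horse")            # constructed sample password
    print(verify(rec, {0: "c", 4: "e", 8: "h"}), len(rec["offsets"]), digests_needed(13))
```

The record holds one offset per character position plus a single check digest. A stolen record can still be tested offline against guesses for `K` characters, so the per-character derivation cost and login rate limiting remain necessary.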

A partial password entry form in a mobile banking application