In cryptography, a zero-knowledge password proof (ZKPP) is a type of zero-knowledge proof that allows one party (the prover) to prove to another party (the verifier) that it knows a value of a password, without revealing anything other than the fact that it knows the password to the verifier.
The term is defined in IEEE P1363.2, in reference to one of the benefits of using a password-authenticated key exchange (PAKE) protocol that is secure against off-line dictionary attacks.
A ZKPP prevents any party from verifying guesses for the password without interacting with a party that knows it and, in the optimal case, provides exactly one guess in each interaction.
[2] A considerable number of refinements, alternatives, and variations in the growing class of password-authenticated key agreement methods were developed in subsequent years.
Standards for these methods include IETF RFC 2945, IEEE P1363.2, and ISO-IEC 11770-4.