The paper investigates the required password strength from the password guessing attacks (online and offline collection of passwords). And also considered an alternate system of protection against offline attacks are not based on the strength of your password. Consider the use of password policies for users who are from the community against the safety of attacks on passwords.