Introduction to cryptology: Pt. 1
3. What makes a cryptographic protocol strong?
  


Passphrase, password, and key, part 2 page 2 of 10


Passwords (as opposed to passphrases) are typically rather weak and prone to a range of attacks. In the very worst of designs (which, unfortunately, are quite common), a password is simply used directly as a key. For example, an algorithm might allow for a 64-bit key, and the application designer might decide to get these 64 bits by having a user type in eight characters (using the concatenated ASCII values as the key). Much of the strength of the algorithm is likely to depend on an attacker not knowing which of the 2^64 possible keys is in use. However, the set of passwords a person is likely to type (and remember) in eight characters is a tiny subset of all the 2^64 allowable keys. Many ASCII values are hard to enter from a keyboard, and people tend to favor common words and letters in predictable patterns. This protocol is likely to be orders of magnitude weaker than the algorithm itself might suggest. Even when a "seed", "whitening", or other transformation is used to compute the final key, the limited range of passwords people actually choose inherently limits its strength.
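The key-space shrinkage described above can be measured. The following is an added example, not part of the original tutorial: it builds the eight-character direct key, estimates how many of the 64 key bits each character set can actually supply, and shows that a fixed transformation cannot produce more distinct keys than there are passwords. The sample passwords are constructed, and SHA-256 truncated to 64 bits is an assumed stand-in for the "seed" or "whitening" step.

```python
import hashlib
import math

KEY_BITS = 64  # key size of the hypothetical algorithm in the text

def direct_key(password: str) -> bytes:
    """Weak design from the text: eight typed characters, ASCII values concatenated."""
    raw = password.encode("ascii")
    if len(raw) * 8 != KEY_BITS:
        raise ValueError("this design needs exactly eight ASCII characters")
    return raw

def whitened_key(password: str, seed: bytes = b"constructed-seed") -> bytes:
    """Assumed stand-in for a 'seed'/'whitening' step: SHA-256 truncated to 64 bits."""
    return hashlib.sha256(seed + password.encode("ascii")).digest()[:KEY_BITS // 8]

def effective_bits(alphabet_size: int, length: int = 8) -> float:
    """log2 of the number of keys reachable when each character comes from the alphabet."""
    return length * math.log2(alphabet_size)

def constant_bit_count(keys) -> int:
    """Number of key bit positions holding the same value in every key supplied."""
    mask = (1 << KEY_BITS) - 1
    always_one, always_zero = mask, mask
    for value in (int.from_bytes(k, "big") for k in keys):
        always_one &= value
        always_zero &= ~value
    return bin((always_one | always_zero) & mask).count("1")

# Constructed sample of eight-character passwords, for illustration only.
SAMPLE = ["password", "letmein1", "qwertyui", "sunshine", "Summer09", "dragon12"]

ALPHABETS = {
    "all 7-bit ASCII": 128,
    "printable ASCII": 95,      # space through tilde
    "letters and digits": 62,
    "lowercase letters": 26,
}

if __name__ == "__main__":
    for name, size in ALPHABETS.items():
        bits = effective_bits(size)
        print(f"{name:20s} {bits:5.1f} bits, 2^{KEY_BITS - bits:.1f} times fewer keys than 2^64")
    direct = [direct_key(p) for p in SAMPLE]
    # The top bit of every ASCII byte is 0, so at least 8 key bits never vary.
    print("bits constant across sample keys:", constant_bit_count(direct))
    whitened = {whitened_key(p) for p in SAMPLE}
    print("distinct keys after transformation:", len(whitened), "from", len(SAMPLE), "passwords")
```

These figures are upper bounds that assume every character is chosen uniformly at random; the predictable words and patterns the text mentions reduce the real figure further.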

