An approach and a software system of choosing reliable password phrases for resource access control