In general, password and PIN resistance to Guessing (attacks using default passwords, dictionary words, or brute force) and Cracking (attacks that attempt to match the login calculation without needing to know the actual password) is improved implementing 'strong' passwords and a password change policy.