Businesses should seed their password databases with fake passwords and then monitor all login attempts for use of those credentials to detect if hackers have stolen stored user information. The term “honeywords” is a play on “honeypot,” which in the information security realm refers to creating fake servers and then learning how attackers attempt to exploit them — in effect, using them to help detect more widespread intrusions inside a network. The honeywords concept is also elegant because any attacker who’s able to steal a copy of a password database won’t know if the information it contains is real or fake. An auxiliary server (the “honeychecker”) can distinguish the user password from honeywords for the login routine and will set off an alarm if a honeyword is submitted.”