The password authentication method is the easiest to implement, as it is set up by default. Since all communication is encrypted, passwords are not available for eavesdroppers.

On a Unix system, password authentication uses the /etc/passwd or /etc/shadow file, depending on how the passwords are set up. The shadow password files can be used on Linux and Solaris servers, but not on HP-UX or AIX servers.

On Windows, password authentication uses the Windows password to authenticate the user at login time. Also, if the SSH server allows it, users with administrator privileges may retain their permissions by adding elevated, before their user name. For example:

$ sshg3 elevated,Administrator@example.com