Disclosed herein is a method of performing a password challenge in an embedded system. The method includes receiving a password, scrambling the sub-words of the password pursuant to scramble control codes, retrieving a verification word, scrambling the sub-words of the verification word pursuant to the scramble control codes, and comparing the scrambled sub-words of the password to the scrambled sub-words of the verification word. Access to a secure resource is granted if the scrambled sub-words of the password match the scrambled sub-words of the verification word. The scramble control codes cause random reordering of the sub-words of the password and sub-words of the verification word in a same fashion, and insertion of random delays between the comparison of different sub-words of the password to corresponding sub-words of the verification word.