Content area
Abstract
Organizations are more dependent than ever on the reliable operation of their information systems, which have become a key to their success and effectiveness. While the growing dependence on information systems creates an urgent need to collect information and make it accessible, the proliferation of computer technology has also spawned opportunities for ill-intentioned individuals to violate the information systems' integrity and validity. One of the most common control mechanisms for authenticating users of computerized information systems is the use of passwords. However, despite the widespread use of passwords, little attention has been given to the characteristics of their actual use. The gap in evaluating the characteristics of real-life passwords is addressed and the results of an empirical study on password usage are presented. The core characteristics of user-generated passwords and associations among those characteristics are investigated.