Password Security: An Empirical Study
Authors
Zviran, Moshe
Haga, William J.
Advisors
Second Readers
Subjects
access control||information system security||passwords||user authentication
Date of Issue
1999
Date
Spring 1999
Publisher
M.E. Sharpe, Inc.
Language
Abstract
Organizations are more dependent than ever on the reliable operation of
their information systems, which have become a key to their success and effectiveness. While the growing dependence on information systems creates an urgent need to collect information and make it accessible, the proliferation of computer technology has also spawned opportunities for ill-intentioned individuals to violate the information systems' integrity and validity. One of the most common control mechanisms for authenticating users of computerized information systems is the use of passwords. However, despite the widespread use of passwords, little attention has been given to the characteristics of their actual use. This paper addresses the gap in evaluating the characteristics of real-life passwords and presents the results of an empirical study on password usage. It investigates the core characteristics of user-generated passwords and associations among those characteristics.
Type
Article
Description
Series/Report No
Department
Systems Management
Organization
Identifiers
NPS Report Number
Sponsors
Funding
Format
Citation
Zviran, Moshe, and William J. Haga. "Password security: an empirical study." Journal of Management Information Systems 15.4 (1999): 161-185.
Distribution Statement
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.