Passwords: A Survey on Usage and Policy
Abstract
Computer password use is on the rise. Passwords have become one of the primary authentication methods used today. It is because of their high use that organizations have started to place parameters on passwords. Are password restrictions a nuisance? What are some of the consequences that result as organizations place the burden of their computer security on passwords? This thesis analyzes the results of a survey instrument that was used to determine if individuals are using similar techniques or patterns when choosing or remembering their passwords. It also looks at how individuals feel about using passwords. In addition, the authors examine the literature to determine the importance of choosing strong passwords. This study reveals some critical issues associated with password choice: many respondents feel that organizational parameters are a nuisance, many respondents still write their passwords down, over 70% of respondents must remember more than five passwords, and many individuals are using the same password for multiple applications. The authors see a need for organizations to minimize the number of passwords individuals must remember. The survey results show that the intent of password policy is not being followed, and the authors contend that overlooking this finding is a serious threat to the future of computer security.
Document Details
- Document Type
- Technical Report
- Publication Date
- Mar 21, 2005
- Accession Number
- ADA434309
Entities
People
- Kurt W. Martinson
Organizations
- Air Force Institute of Technology