Password security: An empirical study

One of the most common control mechanisms for authenticating users of computerized information systems is the use of passwords. Despite the widespread use of passwords, little attention has been given to the characteristics of their actual use. This paper addresses the gap in evaluating the characteristics of real-life passwords and presents the results of an empirical study on password usage. It investigates the core characteristics of user-generated passwords and associations among those characteristics.