Abstract:
One of the critical issues in managing information within an organization is to ensure that
proper controls exist and are applied in allowing people access to information. Passwords are
used extensively as the main control mechanism to identify users wanting access to systems,
applications, data files, network servers or personal information. In this article, the issues
involved in selecting and using passwords are discussed and the current practices employed
by users in creating and storing passwords to gain access to sensitive information are
assessed. The results of this survey conclude that information managers cannot rely only on
users to employ proper password control in order to protect sensitive information.
