Abstract or Summary:
A survey evaluating the generation and use of passwords revealed that students have 8.18 password uses. With 4.45 different passwords to cover these functions, the average password has 1.84 applications. Two thirds of passwords are designed around one's personal characteristics, with most of the remainder relating to relatives, friends or lovers. Proper names and birthdays are the primary information used in constructing passwords, accounting for about half of all password constructions. Almost all respondents reuse passwords, and about two thirds of password uses are duplications. Passwords have been forgotten by a third of respondents, and over half keep a written record of them. We found empirical confirmation of some bad password practices discussed in the literature, and provide suggestions for password construction and use.