A case study of the weakness of freshmen chosen password for academic information system

In the last decades,some extensive research explored new algorithms and protocols how to secure data or user information using password and username. there are new methods such as biometrics. the drawback of this method is that it needs other hardware or device. on the other hand,the username and password combination to authenticate user identity has been widely used because cheap and user-friendly. the latter method has some weakness such as dictionary attack,brute force or other method. the purpose of this research to find out the weakness of freshmen chosen password to protect their identity in the academic information system. the experiment is done in a public university in indonesia. this research carried on around 12 faculties and 102 departments. the freshmen at this university is around 6499 students. the sampling method is population,so that all the freshmen student account investigated. the first scenario is to find out how many students use the same password as username. the second scenario is a dictionary attack on some freshmen account that cannot be found on the first scenario. the result of this experiment about 60% to 75% of freshmen’s password in each faculty can be guessed because the students used the same username and password. other method used in this research has been revealed more password from freshmen. © 2015 penerbit utm press. all rights reserved.