Passwords are a critical part of information and network security. Passwords serve as primary authentication method to protect user accounts but a poorly chosen password, if compromised, could put the entire network at risk. Many users do not understand why good passwords and password management are important for information systems. “We‟re secure! We use passwords!” How many of us have heard this claim? Or even – “We‟re secure! We have a password policy!” Using a password or having a password policy in today‟s world of computing is not enough. Understanding and practicing the policy is important to keep accounts secure. In this thesis, the author has conducted a survey to check password habits for user accounts on 113 subjects. This survey allowed the author to understand password habits of users according to sensitive of their account, also reveals some critical issues associated with password choice. As a result, data on password strength, the types and lengths of passwords chosen, and how they vary by site or sensitivity of account has been considered.Furthermore, recommendations are given based on different aspects of users' requirements. Hopefully, the result of this thesis will be valuable to users who want to use password policy for securing user accounts.