After describing the need for and uses of passwords, the features of password schemes are categorized according to selection technique, lifetime, physical characteristics, and information content. Password protection, both in storage and transmission, is examined as are current implementations and cost considerations. The report notes that most commercial and Government time-sharing systems are continuing to rely upon passwords, which can be an effective form of personal authentication when care is taken in their selection and protection. A configuration providing a high level of security would incorporate passwords that are one-time, computer-generated, fairly unique, at least four characters long, random, encrypted when stored, and encrypted in transmission. Additional safeguards include the use of techniques such as banner lines to inform users of previous attempts at logging onto their accounts. The exact password scheme appropriate for a given system depends on the required level of security as determined by cost-risk analysis. Formal guidelines for the selection and use of password systems are needed. Tables, a glossary, figures, and over 70 references are supplied.