For much more information on passwords and other methods of authentication, I recommend reading the excellent Authentication: From Passwords to Public Keys by Richard Smith.
As it says on the Addison-Wesley book page:
"[This book] gives readers a clear understanding of what an organization needs to reliably identify its users and how different techniques for verifying identity are executed."
And, to close this article, here are two interesting articles you might be interested in:
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.