They should have at least three of the following: uppercase letters, lowercase letters, digits, and other characters.
They should not be: names (especially family or pet names), words, the same as the account name, or any of the preceding spelled backwards. Do not use password or god − these are equivalent to sending out invitations to hackers to break into your system!
Do not let anyone watch while you type in a password.
Never give out your password. Never.
Never write your passwords down and leave them near your machine.
Passwords should be changed no more frequently than once a month and no less frequently than once every 6 months.
Use a password validator or automatic generator if you do not trust yourself to come up with a sound password.
