Our mail sys­tem does not enforce pass­word rules, but I still rec­om­mend using secure pass­words. A secure pass­words has the fol­low­ing attrib­ut­es:

  1. The pass­word length is at least eight char­ac­ters.
  2. The pass­word con­tains at least one low­er case let­ter.
  3. The pass­word con­tains at least one upper case let­ter.
  4. The pass­word con­tains at least one dig­it.
  5. The pass­word con­tains at least one spe­cial char­ac­ter. Good fits usu­al­ly are the excla­ma­tion sign !, the pound # or the pound£. Some­times, you can also use a dol­lar sign $, the ver­ti­cal bar | and oth­ers. It depends on the sys­tem requir­ing a pass­word, which spe­cial char­ac­ters are valid or not.
  6. No part of the pass­word can be found in a dic­tio­nary, ency­clo­pe­dia or the­saurus of any arbi­trary lan­guage in the world. This last point can­not be stressed often enough, because hack­ers try com­plete dic­tio­nar­ies first when they try to iden­ti­fy a pass­word.

A sim­ple method for find­ing a mem­o­rable pass­word is to find some attribute and break the name of that attribute into parts by inter­rupt­ing it with num­bers and spe­cial char­ac­ters, inter­min­gling it with upper­case let­ter at ran­dom. The num­ber should be some­thing that one can remem­ber eas­i­ly, but no one else knows. The place inside the word where you put the num­ber is arbi­trary and is sup­posed to make a hack­ers life more dif­fi­cult.

Exam­ple: The open plan office I am work­ing in has sev­en win­dows. The pass­word I choose is: win7dow#

(Now this pass­word is used, since it has been pub­lished in the inter­net. There­fore, do not use this exact pass­word for your­self!)