Password is vital to protect your access to computer systems, online accounts and information assets. Weak password is susceptible to brute force password guessing attack by attacker or malicious software. It is important to choose a strong password and protect it carefully. This section includes dos and don’ts when choosing a strong password, a three-step method to create an easy to remember password, as well as best practices to protect your passwords.

1. Must have both upper and lower case letters.
2. Must have digits, special characters as well as letters.
3. Must be at least 12 characters long.
4. Must be easy to remember, so they do not have to be written down.
5. Can be typed quickly, so someone else cannot look over your shoulder.

1. Do NOT use the account name as the password.
2. Do NOT use the account name in any mutated form (reversed, capitalized, partial, doubled, etc).
3. Do NOT use any word in a dictionary.
4. Do NOT use names/birthdays/phone numbers/pet names.
5. Do NOT use password that is too complicated to remember.
6. Do NOT reuse old password.
7. Do NOT append numbers to old password to form new password.

1. Use the first letter of each word in a phrase you can easily remember.
   For example “This Is A Good Password” ->Tiagp
2. Add numbers.
   For example Tiagp -> Tiagp321
3. Substitute letters with special characters.
   For example Tiagp321 -> T!agp321

1. Do NOT disclose password to anyone.
2. Do NOT write down password on a piece of paper.
3. Make sure others can’t see what you are typing when inputting your password.
4. Do NOT send password via email.