Computer Password Security
Implementing Guidelines for Strong Passwords
Adopting strong password policies is one of the most effective ways to ensure system
security. This is only an example policy. It may not be strong enough for your needs; it
is up to each customer to determine how strong is strong enough. This example policy can
be made stronger by increasing the required length or diversity of types of characters in
the password, and the frequency with which the password must be changed.
Your password must contain characters from at least 3 of the following 4 classes:

Description                                  Examples
1. English Upper Case Letters                A, B, C, ... Z
2. English Lower Case Letters                a, b, c, ... z
3. Westernized Arabic Numerals               0, 1, 2, ... 9
4. Non-alphanumeric (special characters)     For example, punctuation, symbols.
                                             ({}[],.<>;:'"?/|\`~!@#$%^&*()_-+=)

Your password must be at least 6 characters long. For stronger security, choose longer
passwords with characters from all four classes.
Your password should not contain your e-mail name or any part of your full name.
Your password should be changed every 45 days.
Your new passwords should never be the same as any of your last eight passwords.
Your password should not be a "common" word (for example, it should not be a word in
the dictionary or slang in common use).
Your password should not contain words from any language, because numerous
password-cracking programs exist that can run through millions of possible word
combinations in seconds.

A complex password that cannot be broken is useless if you cannot remember it. For
security to function, you must choose a password that you can remember and that is still
complex. For example, Msi5!YOld (My Son is 5 years old) or IhliCf5#yN (I have lived in
California for 5 years now).
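
The rules above can be enforced at password-change time. The following Python check is an added example, not part of the original policy. The function names, the 3-character minimum for name fragments, the exact-match wordlist lookup and the PBKDF2 parameters are assumptions; the length, class count and history depth are the policy's own values.

```python
import hashlib
import hmac

MIN_LENGTH, MIN_CLASSES, HISTORY_DEPTH = 6, 3, 8  # values stated in the policy
UPPER = set("ABCDEFGHIJKLMNOPQRSTUVWXYZ")
LOWER = set("abcdefghijklmnopqrstuvwxyz")
DIGITS = set("0123456789")
SPECIAL = set("{}[],.<>;:'\"?/|\\`~!@#$%^&*()_-+=")  # the policy's symbol list
MIN_NAME_PART = 3  # assumption: ignore name fragments shorter than this

def char_classes(password):
    """Count how many of the four policy classes occur in the password."""
    chars = set(password)
    return sum(bool(chars & cls) for cls in (UPPER, LOWER, DIGITS, SPECIAL))

def hash_password(password, salt):
    """Salted hash for the history store (iteration count is illustrative)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def check_password(password, email_name, full_name, history, wordlist):
    """Return the list of policy violations; an empty list means it passes.

    history  -- (salt, digest) tuples of earlier passwords, newest last
    wordlist -- set of lower-case common words to reject
    """
    problems = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if char_classes(password) < MIN_CLASSES:
        problems.append("fewer than 3 character classes")
    parts = [email_name] + full_name.split()
    if any(len(p) >= MIN_NAME_PART and p.lower() in lowered for p in parts):
        problems.append("contains e-mail name or part of full name")
    if lowered in wordlist:
        problems.append("common word")
    # Only the last eight entries count; compare digests in constant time.
    for salt, digest in history[-HISTORY_DEPTH:]:
        if hmac.compare_digest(hash_password(password, salt), digest):
            problems.append("matches one of the last eight passwords")
            break
    return problems

if __name__ == "__main__":
    # Constructed sample user and history, for illustration only.
    old = [(b"salt-1", hash_password("IhliCf5#yN", b"salt-1"))]
    for candidate in ("Msi5!YOld", "IhliCf5#yN", "John2024!", "abc"):
        print(candidate, check_password(candidate, "jsmith", "John Smith", old, {"password1"}))
```

The history is stored only as salted digests, so the reuse rule can be checked without keeping old passwords in clear text.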