Passwords must be created to comply with the University’s information security policy. This means a minimum of 8 characters with at least one non-alphabetic character. Passwords should not be individual dictionary words, common names, or sequences of numbers. "F4&yh10!" is an example of an acceptable password.
A longer password is a stronger password. Consider creating a password comprised of several unrelated words with numbers and special characters interspersed. This is often referred to as a passphrase. It is generally thought to be stronger and easier to remember than a traditional password. "L3ftFl0orCha1rBridg3#58" is an example of an acceptable passphrase.
Systems should be configured to require strong passwords automatically. Harvard PIN or LDAP integration satisfies this requirement and should be used whenever possible.