You are here

Password Strength Rules

Passwords are a weak link in any website's security. Unfortunately, enforcing password 'strength' is annoying to users but it is the only way to ensure that our system is safe and secure for everyone. Hopefully you will be understanding of the rigid rules which are enforced.

Password Rules

The following rules will be used to verify your password:

  • password cannot be the same as username,
  • minimum length of eight (8) characters,
  • no spaces,
  • use both upper and lowercase letters,
  • use numbers,
  • use punctuation (optional).

Passwords constructed with these rules can be more difficult to remember. One suggestion to make it easier is use a combination of a name of something very familiar and an easily remembered date which are disguised with punctuation characters. Of course using your own name or those close to you would be easy to guess for someone who knows you. An example would be:

  • sAr19-72ah (sarah 1972)
  • ja[Ke/19]67 (jake 1967)
  • [Rob=Ert=19=69]

Password strength tips:

  • use combinations that are not normally used,
  • do not use any word, name or date in its whole, correct form. Use punctuation to break up the easily guessed terms,
  • do not use dashes or hyphens '-' between words or letters, eg. 'sar-ah' for 'sarah'. Better to use any other punctuation mark,
  • do not replace letters with similar looking numbers, eg. using the number zero '0' for the letter 'O'.