A password policy is a set of rules designed to enhance computer security by encouraging users to employ strong passwords and use them properly. It is often part of an organization's official regulations and may be taught as part of security awareness training. It may either be advisory or mandated by technical means.A strong password policy is one of the most important aspects of your security posture. Many successful security breaches involve simple brute force and dictionary attacks against weak passwords. If you intend to offer any form of remote access involving your local password system, make sure you adequately address minimum password complexity requirements, maximum password lifetimes, and frequent audits of your authentication systems.
LONG = SECURITY
Many policies require a minimum password length of 8 characters but longer is equal to better security and harder to figure out . Your password should be at least 15 characters long and contain upper and lower case letters, numbers and special characters.
DO NOT SHARE YOUR PASSWORD
Your password is the only thing that ensures privacy of your account so do not share your pass with anyone(friends, coworkers or even family members.) . It is also your obligation to see that you are the only one using your account. You are responsible for how your account is used, so do not let other people have access to it.
IT SHOULD BE IN YOUR MEMORY
Never write down your password on a piece of paper,sticky paper or save it on a file instead put it in your memory.
DO NOT ALWAYS CHANGE YOUR PASSWORD
Changing password is a must, but always changing password may end up using much weaker passwords since it’s hard to come up with strong passwords that are also easy to remember, if people are required to come up with many passwords because they have to change them often, they end up using much weaker passwords
NOT BASED ON YOUR PERSONAL INFORMATION
When creating your password don’t use anything that based on your personal information. For example, never use any part of your legal name and any part of your username. Don’t use your phone number, birth date, or license plate number.
