Strong Password

Use a minimum of 10 characters. Generally, the more characters you can use, the harder a password is to be cracked or guessed.
Choose a password that is easy for you to remember but would be hard for another to guess. One useful approach is to use a sentence or saying to create a “passphrase” by using the first letters, capitalization, and special characters as substitutes. For example, “One ring to rule them all, one ring to bind them” may be used to create a passphrase like “1R2rtAor2Bt” that can be used as a very strong password.
Passwords must include at least three of the four following types of characters
English uppercase letters (A through Z).
English lower case letters (a through z).
Numbers (0 through 9).
Special characters and punctuation symbols (Example: _, -. +, =,!, @, %, *, &, ”, :, ., or /).
Do not use the following characters \ , ~ or < .
Do not use a space or tab.

Reuse of any of your last 5 passwords is prohibited over most of web/ corporate applications.

Avoid words, numbers, or known or public information associated with you. (e.g. Social security numbers; Names, family names, pet names; birthdays, phone numbers, addresses; etc.)
Avoid using your login name or any variation of your login name as your password. If your login is ‘fredrick’, do not use substitution or letter reordering. Examples would be ‘fr3dr1ck’, where the 3=e and the 1 (one)= i. Alternatively, do not use kcirderf (backwards) or add a digit to the beginning or end of the word (1fredrick or fredrick1).
Avoid using the same character for the entire password (e.g., ‘11111111’) or using fewer than five unique characters.
Avoid common letter or number patterns in your password (e.g., ‘12345678’ or ‘abcdefgh’). They are the first things hackers will test.
Substitution should not be used on common words or with common substitutions (e.g., 3=E, 4=A, 1=I, 0=O, etc).
When changing a password, change to an entirely new password. Do not just rotate through a list of favorite passwords.