What is a secure password and how do I ensure that I am using a strong password?

Strong passwords make use of multiple rules to provide a random string of characters that are used to secure access to your personal information. A username and password is the most commonly used method to confirm a person’s identity.  Strong passwords are your first line of defence against unauthorised access to your accounts.

Please consider the following when managing access to your mailbox or hosting account:

  • Change your password regularly as this limits the amount of time available to compromise or continue access to your secure information. Changing your password at 30 to 60 day intervals is considered good practice.
  • Dictionary words in any language allow criminals to rapidly detect your access information via use of sophisticated tools which allow them to guess passwords that are based on words in multiple dictionaries, including words spelt backwards, common misspellings and substitutions.
  • A strong password should be a minimum length of 8 characters, the longer the better. Each character that you add to your password increases the protection that it provides. Note : Certain tools may have a character length limitation.
  • Combining letters, numbers and symbols makes the password harder to guess.  The greater the variety of characters that you have in your password the better, for example, upper case (A-Z), lower case (a-z) and numerals (0-9).
  • Avoid using number sequences or repeated characters eg. ‘12345678’, ‘22222222’, ‘abcdefg’. Adjacent letters on your keyboard should also be avoided.
  •   Look-alike substitutions of numbers or symbols do not fool criminals who know enough to try and crack your password by these common replacements, eg. avoid replacing an ‘a’ with ‘@’ or an ‘o’ with a ‘0’ as in ‘P@ssw0rd’.  These substitutions can however be effective when combined with other measures, such as length, misspellings or variations in case.
  •   Avoid using passwords linked to your username or domain name, for example, if your email address is This email address is being protected from spambots. You need JavaScript enabled to view it. then a password of ‘me123’ is not considered secure. Adding 123 at the end of a password does not automatically make it secure.
  • Always keep password information in a safe place.