A strong password is difficult to detect by humans and computer technology, and therefore protects information from unauthorized access. Do not assume that once you have created a strong password that it should be used for every system or program you log into. If an intruder does guess it, he would have access to all of your accounts.
The strength of a password is a function of complexity, length, and randomness. It can be estimated by how many times an intruder who does not have direct access to the password would need, on average, to guess it.
A strong password has the following characteristics:
At least 8 characters long. The longer the better.
Combines letters, numbers, and symbol characters within the password.
Not found in a dictionary.
Not the name of a command.
Not a login name or name of person.
Not a common usage name such as the make of an appliance, computer, pet, etc.
Is changed regularly.
Is significantly different from other passwords.
A strong password will reduce the overall risk of a security breach, but it will not replace the need for other effective security controls such as a second authentication factor. For more information see Related Concepts - Two Factor Authentication.