Your password should be at least 10 characters in length, the longer the better. This is the most important security factor.
Never use any words that can be found in a dictionary (like Password). It does not matter if the dictionary is English or any other language.
Do not use the same password more than once.
Try to use a random set of upper and lower case characters, digits and symbols (eg. Pk@2!gfIp&:5dYa)
Use a Password Generator to create your password.
Don't simply add a single (or double) digit or symbol before or after a word. (eg. password11 or password!)
Don't just repeat the word. (eg. passwordpassword or passwordpasswordpassword)
Don't use combinations that are very common. (eg. qwerty, asdfgh or 123456)
Don't just replace certain letters with numbers. (eg. passw0rd)
Don't use passwords based on personal information such as: name, nickname, birthdate, wife's name, pet's name, friends name, home town, phone number, social security number, car registration number, address etc. This includes using just parts of your name, or part of your birth-date.
Don't use passwords which are based on names of objects. (eg. car, mouse, keyboard, telephone, printer)
Don't use your account name, address, username, social media profile name, email etc.
Don't use words that are part of the website's name (eg. thejobauction, amazon, ebay).
Password Creation ()
Use the first letter of each word from a random sentence of a book (see examples below).
Include commas, periods and punctuation much like in the original.
Add one or more digits in your new password.
Use a strong Password Generator.
Shakespeare's Hamlet (Act 3, Scene 4) Sentence: Now mother, what’s the matter?
Take the first letter of each word and each symbol in the sentence: Password: Nm,w'stm?
Since the sentence does not include any numbers, we will insert two additional random digits: Password: Nm3,w'st4m?
Sentence: The quick brown fox jumps over the lazy dog!
Take the first letter of each word and each symbol in the sentence: Password: Tqbfjotld!
Since the sentence does not include any numbers, we will insert two additional random digits: Password: T7qbfjot3ld!
Password Lifecycle ()
Change your password regularly and frequently.
Change your password if you have reason to believe that someone might know it or is able to guess it.
Use a unique password for each platform or app.
Never re-use a password.
Password Protection ()
Do not write your password on a post-it, notebook or anywhere else.
Never store your password. The exception is in an encrypted form.
Never tell anyone your password. This also includes anyone calling from a 'company' or the website your are using. No serious company will EVER ask you for your password. (eg. TheJobAuction, Ebay, Amazon or even your own Bank)
Never send your password in an email
Make sure you only enter your password on website's that have a green lock in the address bar.
Make sure nobody watches you when entering your password.
Use a password manager to keep track of your passwords.