[In order to promote the choice of longer and more complicated sequence of characters for PASSWORDS, and in line with the IT security community, we use the word: PASS-PHRASE instead of PASSWORD]
Site's Pass-phrase Rules
We promote the strong pass-phrases through the following constraints:
Your Pass-phrase should be at least 8 characters long
And it should contain at least:
- One digit
- One Uppercase character
- One lowercase character
- One Symbol (:!?%$...)
Do not use your username as part of your Pass-phrase
Some facts:
Most of the people use the SAME Pass-phrase for ALL their accounts!
Many write their pass-phrases in a un-encrypted file on their computers!
Many stick their passwors right besides the same computer screen
The most commonly used pass-phrases in each language are widely published and known
The "dictionary attacks" are getting very cheap: few dollars for thousand tries
The average time to hack a WEAK Pass-phrase is around one hour
Many companies send the users pass-phrases to the users in the unprotected emails.
A pass-phrase should NEVER be sent over the net even through a protected connection
Many sites do not use the Secured Connection (SSL) to login or create account.
ALL the pass-phrases created or used on these sites are compromised.
Our Advice
While these constraints assure a MINIMUM complexity of your pass-phrase they don't garantee their actual quality. Here are our guide lines:
Such pass-phrase is easy to remember and difficult to hack.
We recommend you STRONGLY to use the [DICEWARE](https://en.wikipedia.org/wiki/Diceware) method to pick up a pass-phrase. There are some sites helping you to generate the diceware-compliant pass-phrase. Some of them are listed in the Wikipadia article. A secure and gorgeous pass-phrase just few clicks away!
Write down your Pass-phrase on a paper (but do not stick it to your computer screen !)
If you are tired of writing your pass-phrases here and there and losing them you can use the Pass Safe star
[KeePass](https://keepass.info) (or another open-source one). KeePass can manage the automatic login without even
need to key in your pass-phrase. So you can select a REALLY strong one (at least 4 words). Secure &
Simple. A gift from the fabulous Open-Source Community.
Do not use this site's Pass-phrase for any other site