Your passwords are keys to the kingdom and it only makes sense to protect them. Rather than worry about what constitutes a secure password, focus on where they are stored and used. Operating systems must securely encrypt and store passwords for the accounts they hold. Network devices must have encrypted passwords unable to be extracted or decrypted. Change account, system, and master passwords regularly. Use a password vault. Do not write down passwords if avoidable. Do not share login credentials. Avoid using generic accounts. Ensure you have a current policy that governs passwords and review it regularly. Undertake awareness training.