What to do when choosing a password
Prefer a long password or passphrase over a short clever one. Length helps because it creates more combinations, and a phrase made from several unrelated words is usually easier to remember than a short complicated string that has no meaning to you.
Use a password that is unique to this system. If the same password is reused on other websites, a problem elsewhere can put this account at risk too.
- Use several words, or a long mixed password, instead of a short single word.
- Add variety with upper-case letters, lower-case letters, numbers, and symbols when the form allows them.
- Keep the password in a trusted password manager if you are likely to forget it.
What not to do
Do not use obvious information such as your name, aircraft registration, email address, date of birth, company name, or simple patterns like 123456, qwerty, or password. These are among the first guesses attackers try.
Do not share the password by email or chat, and do not leave it written on paper near a shared computer. A strong password loses most of its value if it is exposed in plain sight.
- Do not reuse the same password from another site.
- Do not choose a password that changes only by one number at the end.
- Do not store the password in an unprotected text file on a shared machine.
If something goes wrong
- If a password seems strong to you but the form rejects it, check whether the page requires a minimum length or a certain mix of characters.
- If you keep forgetting strong passwords, move to a password manager instead of weakening the password into something easy to guess.
- If you suspect someone else may know your password, change it immediately and use a completely new one rather than a small variation of the old password.