A staff password must have the following characteristics:
- 8 Characters or more
- Needs to include 3 of the following: lowercase letters, uppercase letters, numbers or special characters
- Cannot include any part of your name
- Cannot be a previous password
When setting a password be mindful of how often this password has been used on other sites and services. Data leaks occur very frequently on a number of different services with emails and passwords being two of the biggest targets for attackers.
The more you use the same password for different services the more likely that password ends up in a data leak and now exposes the rest of your accounts.
A good method for creating passwords is creating password 'categories'. This means having a separate password / password format for different service categories, e.g. work, social media, retail. This means when one of your passwords end up in a data leak the damage is contained.