The rules for changing your password at auburn.edu/myaccount are as follows:

• Must begin with a letter
• Minimum 12 characters, Maximum 30 characters
• Must use at least 3 of the following 4:
  
  • An UPPERCASE letter (ABCDEFGHIJKLMNOPQRSTUVWXYZ)
  • A lowercase letter (abcdefghijklmnopqrstuvwxyz)
  • A number (0123456789)
  • A special character (! @ # $ % ^ & * - _ + = [ ] { } | \ : ' , . ? / ` ~ " < > ( ) ; are allowed)

Instead of a password, start thinking in terms of a passphrase.

• Since there is a minimum of 12 characters for passwords, it is easier to think of a phrase that you can remember:

  Example: I donate money to the 4-H
  Resulting passphrase: Idonate$2the4H

• Take advantage of the allowed special characters and the length of 30 characters. In general, the longer the password the more secure.
• It is best to avoid words found in the dictionary, but sometimes, combining short words for a passphrase is okay.

  Example: Great fun for all
  Resulting passphrase: Gr8_Fun_4_All

• Use numbers as part of words, but do not substitute digits for characters such as using zero in place of the letter O or the digit one instead of the letter L or I.

  Good password: h8_not_h@s!
  Bad password: n0tg00dpassw0rd

• Avoid using any words associated with Auburn University such as WarEagle or Tigers.  Instead, you could drop the vowels, add an adjective, etc.

  Example: Tigers are number one forever
  Resulting passphrase: TgrsR#1_4ever

• Do not use other easily obtained information about yourself.  While using this information may create a password easy to remember, people that know you may easily figure it out. For example, do not use:
  
  • your username
  • your name
  • name of a relative or friend
  • license plate numbers
  • phone numbers
  • social security numbers
  • the make of your automobile
  • the name of the street you live on
  • the room number or building in which you work, etc.
• Do not use a word that could be considered banned.  That being said, there is no specific list of banned words.  A banned word can be any word found in the dictionary or any word listed in the example above.  Simple words are easily hacked.  The more complicated the "word" or passphrase, the better.