I would say to make the password not simple/easily guessed (a word that is related to your site). Don't use words that are found in dictionaries, and use non alpha-numeric characters. Make the password long (not too long that people can't remember, have to write down if it's sensitive information, etc.) Use hash functions such as SHA-1.Read this from microsoft.com about strong passwordshttp://www.microsoft.com/athome/security/p...y/password.mspxUse this if you want to check if your password(s) are weak, medium, strong, or besthttp://www.microsoft.com/athome/security/p...rd_checker.mspx