Ok.  We don't like them.  We don't like using them.  They are hard to remember and basically a pain.  But passwords are necessary.  I read just recently of hackers gaining access to other peoples E-bay accounts by using the old, tried and true dictionary attack.  If you work in a small office where everyone is known and trusted you may not need a password for your windows network but if the network is tied into the internet anywhere then there needs to be a good password at that junction at least.  Follows some basic password tips:

1.         Your password should not be a real word.  Not found in a dictionary.  (See above comment on e-bay accounts.)  If it is based on a real word then it should be misspelled.  It should have numerals and letters.  If you are working with a system that can handle it then there should be random capitalization.

2.         If you are safeguarding information important enough that a hacker might take the time to learn about you on a  personal basis then the password should not be tied to your life.  The kids, the dogs, birthdays and anniversaries, etc are common and, therefore, guessable.

3.         Length is also a consideration.  If a hacker uses a random character generator to try to 'crack' your account then  security increases exponentially with each additional character in your password.

4.         Use different passwords for different accounts.  If someone gets access to one place they will still have to work hard  to get into the others.

Other points are basically common sense... Don't write down your password, don't share them except on a need to know basis, change them often.  These are basic rules for the most people.  If you are dealing with other, more sensitive issues then you probably know more about security than can be dealt with here.  Your company may also have security or password guidelines in place already.  These thoughts are aimed more at the home user or small business with no formal IT department