If someone was able to guess your password (or if it leaked), they could go in and make a mess of this wiki in just a few minutes. That's why were pretty strict about passwords.

As you can see, if you ever go into Update Profile and or use Set new password on the login screen, we have some requirements for your password:

• Must be at least 8 characters long (the longer the better),
• It needs to include both upper and lower case letters and either numbers or special characters,
• You can't use your user name in your password, and
• You can't use any of the 10,000 most commonly used passwords. (Bet you've used at least one of them.)

Passwords leak. A lot!

Here's a list of major leaks, including from Yahoo, Facebook, Adobe and EBay. Here's an even bigger list of websites that have leaked passwords.

If you use the same password everywhere, odds are it's already on a list. Here's a place you can safely check - HaveIBeenPwned only sends encrypted hash values across the Internet.

This is why it's best to use a different password for each website. If one leaks, it won't help hackers anywhere else.

When you type in a new password, you'll see a message like weak, policy not met or decent. Here's what it means:

You can check how strong your passwords are at PasswordMonster. PM does all testing locally within your browser. Nothing is send across the Internet.

It is a REALLY good idea to use a different random password (e.g., 5csZCzcRG8W) for each website you visit. But how can you keep track of all those passwords? You can't. That's why using a Password Manager is recommended.

You'll find them built into web browsers like Firefox. Google Chrome & Android has a manager. Apple's iCloud Keychain is a good option.

If you prefer an independent option, Bitwarden comes highly recommended by Chris Daley. It works cross-platform with Apple, Android, Windows, and Linux computers. It's open source and free/cheap to use.

Ask one of the Wiki Admins.