Share via

Guidelines for Creating Strong Passwords


To help keep a Windows Mobile device more secure, the device should be configured to use a strong password and the password should be changed regularly. Passwords can be the weakest link in a computer security scheme. Strong, hard-to-guess passwords are important because the tools and computers that people use to guess passwords continue to improve. Use these guidelines as tips to create secure passwords.

Password Guidelines

For a password to be strong, it should:

  • Be at least seven characters long. Because of the way passwords are encrypted, the most secure passwords are seven or 14 characters long.

  • Contain at least one character from three of the following four groups:

    Group Examples

    Uppercase letters

    A, B, C...

    Lowercase letters

    a, b, c...


    0, 1, 2, 3, 4, 5, 6, 7, 8, 9


    ` ~ ! @ # $ % ^ & * ( ) _ + - = { } | [ ] \ : " ; ' < > ? , . /

  • Have at least one numeric or symbol character in the second through sixth positions.

  • Be significantly different from prior passwords.

  • Not contain your name or user name.

  • Not be a common word or name.


Do not store your password in the Hint field on your device.

When entering a password on a Windows Mobile Professional or Windows Mobile Classic device, the dialog box presented will change based on the type of password. If the password on the device is a 4-digit PIN, the device brings up a standard PIN dialog. If the device is using a strong password, the strong password dialog will appear. This difference in behavior will occur automatically based on the type of password that has been set on the device.

See Also


LASS Security

Other Resources

Configuring LASS