I’ll go so far as to say your password is too damn short. These days, given the state of cloud computing and GPU password hash cracking, any password of 8 characters or less is perilously close to no password at all. So then perhaps we have one rule, that passwords must not be short. A long password is much more likely to be secure than a short one … right?